| 제목 | https://gitee.com/westboy/CicadasCMS/branches CicadasCMS v1.0 Cross Site Scripting |
|---|
| 설명 | A Stored Cross-Site Scripting (XSS) vulnerability exists in CicadasCMS v1.0 that causes the system to adequately filter and escape user-entered data before it is stored on the server. An attacker can persist and store malicious code on the server by submitting maliciously constructed script content (in the add department). When other users visit a page containing this malicious content, the script will be executed in their browser, potentially leading to risks such as session hijacking, leakage of sensitive information (such as stealing cookies), malicious operation simulation, or tampering with page content |
|---|
| 원천 | ⚠️ https://github.com/devastatingglamour/CVE/blob/main/CicadasCMS-XSS3.md |
|---|
| 사용자 | xmttz (UID 89920) |
|---|
| 제출 | 2025. 09. 21. PM 02:50 (7 개월 ago) |
|---|
| 모더레이션 | 2025. 09. 26. PM 02:10 (5 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 326108 [westboy CicadasCMS 1.0 Add Department /system/org/save 이름 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|