제출 #708322: xiweicheng TMS v2.28.0 Cross Site Scripting정보

제목xiweicheng TMS v2.28.0 Cross Site Scripting
설명TMS v2.28.0 /admin/blog/comment/create interface Cross-Site Scripting (XSS) vulnerability In TMS System version v2.28.0, the `/admin/blog/comment/create` endpoint does not apply entity encoding to user-supplied input, leading to a Cross-Site Scripting (XSS) vulnerability. https://github.com/ha1yu-Yiqiyin/warehouse/blob/main/TMS_v2.28.0_XSS-1.md
원천⚠️ https://github.com/ha1yu-Yiqiyin/warehouse/blob/main/TMS_v2.28.0_XSS-1.md
사용자
 red0_ha1yu (UID 61457)
제출2025. 12. 07. PM 01:25 (6 개월 ago)
모더레이션2025. 12. 16. PM 09:57 (9 days later)
상태수락
VulDB 항목336939 [xiweicheng TMS 까지 2.28.0 create createComment content 크로스 사이트 스크립팅]
포인트들19

이전개요다음

Do you know our Splunk app?

Download it now for free!