wangmarket <=v6.4 Cross Site Scripting정보

제목	xnx3 https://github.com/xnx3/wangmarket <=v6.4 Cross Site Scripting
설명	The /siteVar/save.do endpoint is vulnerable to XSS. After logging in with the credentials wangzhan/wangzhan, injecting an XSS payload into the 'Remark' or 'Variable Value' fields during the 'Add Global Variable' operation and saving it results in Stored XSS upon subsequent access.
원천	⚠️ https://github.com/yuccun/CVE/blob/main/wangmarket-Stored_Cross-Site_Scripting.md
사용자	yuccun (UID 93614)
제출	2025. 12. 21. AM 10:30 (4 개월 ago)
모더레이션	2026. 01. 01. AM 10:52 (11 days later)
상태	수락
VulDB 항목	339337 [xnx3 wangmarket 까지 6.4 Add Global Variable /siteVar/save.do Remark/Variable Value 크로스 사이트 스크립팅]
포인트들	17

Want to know what is going to be exploited?

We predict KEV entries!