| 제목 | 1024-lab SmartAdmin ≤3.29 Stored Cross-Site Scripting (XSS) |
|---|
| 설명 | A Stored Cross-Site Scripting (XSS) vulnerability exists in the Help Documentation module of SmartAdmin v3.0 Enterprise Rapid Development Platform. Attackers can directly submit malicious HTML content containing JavaScript code through backend API interfaces, bypassing the frontend rich text editor’s filtering mechanism. When regular users view help documentation containing malicious content, the code executes in the victim’s browser. |
|---|
| 원천 | ⚠️ https://www.notion.so/SmartAdmin-Stored-Cross-Site-Scripting-XSS-in-HelpDoc-module-310ea92a3c418050852dc554e2b5b49b |
|---|
| 사용자 | din4 (UID 50867) |
|---|
| 제출 | 2026. 02. 23. PM 04:48 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 03. 07. PM 01:21 (12 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 349664 [1024-lab/lab1024 SmartAdmin 까지 3.29 Help Documentation HelpDocAddForm.java 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 17 |
|---|