| Título | 南昌蓝智科技有限公司 Jspxcms 10.2.0 Cross-site scripting |
|---|
| Descrição | Jspxcms is a scalable, enterprise-class open source web content management system (CMS).
Jspxcms v10.2.0 has a cross-site scripting vulnerability due to unfiltered title and tag parameters in background survey selection, which can be exploited by an attacker to execute arbitrary Web scripts or HTML by injecting well-designed payloads. |
|---|
| Fonte | ⚠️ https://github.com/sweatxi/BugHub/blob/main/jspXCMS-%20Survey%20label.pdf |
|---|
| Utilizador | hexixi (UID 59932) |
|---|
| Submissão | 14/01/2024 11h37 (há 2 anos) |
|---|
| Moderação | 19/01/2024 10h40 (5 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 251545 [Jspxcms 10.2.0 Survey Label Script de Site Cruzado] |
|---|
| Pontos | 18 |
|---|