| Título | 长沙友点软件科技有限公司 YouDianCMS 9.5.21 Cross Site Scripting |
|---|
| Descrição | YouDianCMS v9.5.21 has a reflected XSS vulnerability in App/Tpl/Member/Default/Order/index.html.Attackers can add malicious JavaScript scripts to the URL, and the server will concatenate the malicious scripts into the URL and return them to the browser, ultimately causing XSS vulnerabilities |
|---|
| Fonte | ⚠️ https://github.com/zonesec0/findcve/issues/6 |
|---|
| Utilizador | zonesec (UID 74980) |
|---|
| Submissão | 26/03/2025 07h14 (há 1 Ano) |
|---|
| Moderação | 12/04/2025 13h48 (17 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 304570 [YouDianCMS 9.5.21 index.html.Attackers OrderNumber Script de Site Cruzado] |
|---|
| Pontos | 17 |
|---|