Submeter #567568: continew continew-admin 3.6.0 Stored cross-site scriptinginformação

Títulocontinew continew-admin 3.6.0 Stored cross-site scripting
DescriçãoThe continuous admin system v3.6.0 can upload HTML files when uploading files through the "/dev api/common/file" interface, causing storage XSS. Hackers can exploit this vulnerability to steal administrator cookies, conduct phishing attacks, and cause harm
Fonte⚠️ https://github.com/uglory-gll/javasec/blob/main/continew-admin.md
Utilizador
 uglory (UID 82151)
Submissão30/04/2025 06h13 (há 1 Ano)
Moderação10/05/2025 17h45 (10 days later)
EstadoAceite
Entrada VulDB308298 [ContiNew Admin até 3.6.0 /dev-api/common/file Ficheiro Script de Site Cruzado]
Pontos17

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!