Submeter #645806: Htmly Htmly CMS 3.1.0 Cross Site Scriptinginformação

TítuloHtmly Htmly CMS 3.1.0 Cross Site Scripting
DescriçãoHTMLy v3.1.0 contains a stored cross-site scripting (XSS) vulnerability whereby an editor can inject malicious scripts through the label parameter within the custom fields page, resulting in the execution of arbitrary web scripts or HTML code when an administrator subsequently creates new blog posts or edits existing posts.
Fonte⚠️ https://www.notion.so/inmog/Reported-Vulnerability-XSS-Vulnerability-in-htmly-v3-1-0-2627752d1edd804fbd71f310bde44d11
Utilizador
 inmoyang (UID 89515)
Submissão02/09/2025 16h47 (há 8 meses)
Moderação20/09/2025 08h54 (18 days later)
EstadoAceite
Entrada VulDB325113 [htmly até 3.1.0 Custom Field /htmly/admin/field/post label Script de Site Cruzado]
Pontos19

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!