Submeter #718345: youlaitech vue3-element-admin <=v3.4.0 XSSinformação

Títuloyoulaitech vue3-element-admin <=v3.4.0 XSS
DescriçãoA second-order stored Cross-Site Scripting (XSS) vulnerability has been identified in the notice management system. Authenticated users with notice creation or edit privileges can inject malicious JavaScript that will execute in the browsers of other users when they view the compromised notice.
Fonte⚠️ https://github.com/AnalogyC0de/public_exp/blob/main/archives/vue3-element-admin/report.md
Utilizador
 Ana10gy (UID 93358)
Submissão18/12/2025 05h11 (há 6 meses)
Moderação30/12/2025 19h39 (13 days later)
EstadoAceite
Entrada VulDB339080 [youlaitech vue3-element-admin até 3.4.0 Notice index.vue Script de Site Cruzado]
Pontos17

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!