wangmarket <=v6.4 Cross Site Scriptinginformação

Título	xnx3 https://github.com/xnx3/wangmarket <=v6.4 Cross Site Scripting
Descrição	The /siteVar/save.do endpoint is vulnerable to XSS. After logging in with the credentials wangzhan/wangzhan, injecting an XSS payload into the 'Remark' or 'Variable Value' fields during the 'Add Global Variable' operation and saving it results in Stored XSS upon subsequent access.
Fonte	⚠️ https://github.com/yuccun/CVE/blob/main/wangmarket-Stored_Cross-Site_Scripting.md
Utilizador	yuccun (UID 93614)
Submissão	21/12/2025 10h30 (há 4 meses)
Moderação	01/01/2026 10h52 (11 days later)
Estado	Aceite
Entrada VulDB	339337 [xnx3 wangmarket até 6.4 Add Global Variable /siteVar/save.do Remark/Variable Value Script de Site Cruzado]
Pontos	17

Might our Artificial Intelligence support you?

Check our Alexa App!