Submeter #753879: rachelos WeRSS WeRSS<=1.4.8 Stored Cross-Site Scripting (XSS)informação

Títulorachelos WeRSS WeRSS<=1.4.8 Stored Cross-Site Scripting (XSS)
DescriçãoAn insufficient content sanitization in WeRSS’s ([https://github.com/rachelos/we-mp-rss/](https://github.com/rachelos/we-mp-rss/)) Article module allows authenticated users to perform Stored Cross-Site Scripting (XSS) attacks. The vulnerability stems from multiple security failures in the content processing pipeline that form a complete exploit chain.
Fonte⚠️ https://www.notion.so/WeRSS-Stored-Cross-Site-Scripting-XSS-in-Article-module-300ea92a3c4180be87dffca6b47d17f7
Utilizador
 din4 (UID 50867)
Submissão07/02/2026 08h41 (há 4 meses)
Moderação19/02/2026 18h24 (12 days later)
EstadoAceite
Entrada VulDB346950 [rachelos WeRSS we-mp-rss até 1.4.8 Article tools/fix.py fix_html Script de Site Cruzado]
Pontos15

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!