| Название | https://github.com/withstars/Blog-System Blog-System 1.0 Stored Cross-Site Scripting |
|---|
| Описание | The Blog-System version 1.0 /api/comment/add interface has a stored cross-site scripting (XSS) vulnerability that allows an attacker to inject malicious JavaScript code via the content parameter. This code is stored in the system and executed when other users visit the relevant page |
|---|
| Источник | ⚠️ https://github.com/caigo8/CVE-md/blob/main/Blog-System/XSS2.md |
|---|
| Пользователь | Caigosec (UID 84067) |
|---|
| Представление | 13.04.2025 07:26 (1 Год назад) |
|---|
| Модерация | 26.04.2025 09:03 (13 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 306298 [withstars Books-Management-System 1.0 Comment /api/comment/add content межсайтовый скриптинг] |
|---|
| Баллы | 17 |
|---|