Отправить #651885: wangchenyi1996 chat_forum master CWE-79Информация

Названиеwangchenyi1996 chat_forum master CWE-79
ОписаниеIn file q.php ```php <?php foreach(range(1,$_GET['num']) as $_num){?> <dd><img src="<?php echo $_GET['path'].$_num?>.png" title="贴图<?php echo $_GET['path'].$_num?>.png" ``` CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Источник⚠️ https://github.com/wangchenyi1996/chat_forum/blob/master/q.php#L31
Пользователь
 dev03301 (UID 88717)
Представление10.09.2025 09:15 (8 месяцы назад)
Модерация17.09.2025 16:33 (7 days later)
Статуспринято
Запись VulDB324675 [wangchenyi1996 chat_forum до 80bdb92f5b460d36cab36e530a2c618acef5afd2 /q.php path межсайтовый скриптинг]
Баллы20

ПредыдущийОбзорДалее

Do you need the next level of professionalism?

Upgrade your account now!