Submit #239326: CSZCMS(https://www.cszcms.com/) CSZCMS V1.3.0 Stored XSSinfo

TitleCSZCMS(https://www.cszcms.com/) CSZCMS V1.3.0 Stored XSS
DescriptionIn the administration background, when performing website configuration, the Additional Meta Tag section is not strictly filtered, and the running user inserts svg tags to execute code, resulting in a stored XSS vulnerability
Source⚠️ https://github.com/t34t/CVE/blob/main/CSZCMS/0-Store-XSS-Vulnerability-in-cszcmsV1.3.0.md
User
 testvul (UID 58141)
Submission11/16/2023 10:05 (3 years ago)
Moderation11/26/2023 08:45 (10 days later)
StatusAccepted
VulDB entry246129 [CSZCMS 1.3.0 Site Settings Page /admin/settings/ Additional Meta Tag cross site scripting]
Points16

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!