Submit #267201: 南昌蓝智科技有限公司 Jspxcms 10.2.0 Cross-site scriptinginfo

Title南昌蓝智科技有限公司 Jspxcms 10.2.0 Cross-site scripting
DescriptionJspxcms is a scalable, enterprise-class open source web content management system (CMS). Jspxcms v10.2.0 has a cross-site scripting vulnerability, which is caused by background modification of document title parameters without filtering, and an attacker can exploit this vulnerability to execute arbitrary Web scripts or HTML by injecting well-designed payloads.
Source⚠️ https://github.com/sweatxi/BugHub/blob/main/Jspxcms.pdf
User
 hexixi (UID 59932)
Submission01/13/2024 08:38 (2 years ago)
Moderation01/16/2024 16:25 (3 days later)
StatusAccepted
VulDB entry250837 [Jspxcms 10.2.0 Document Management Page InfoController.java Title cross site scripting]
Points18

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!