| Title | 南昌蓝智科技有限公司 Jspxcms 10.2.0 Cross-site scripting |
|---|
| Description | Jspxcms is a scalable, enterprise-class open source web content management system (CMS).
Jspxcms v10.2.0 has a cross-site scripting vulnerability due to unfiltered title and tag parameters in background survey selection, which can be exploited by an attacker to execute arbitrary Web scripts or HTML by injecting well-designed payloads. |
|---|
| Source | ⚠️ https://github.com/sweatxi/BugHub/blob/main/jspXCMS-%20Survey%20label.pdf |
|---|
| User | hexixi (UID 59932) |
|---|
| Submission | 01/14/2024 11:37 (2 years ago) |
|---|
| Moderation | 01/19/2024 10:40 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 251545 [Jspxcms 10.2.0 Survey Label cross site scripting] |
|---|
| Points | 18 |
|---|