| Title | Dice CMS V3.1.0 Cross-Site Scripting |
|---|
| Description | XSS attacks can be used to steal sensitive information from users, such as session tokens, cookies, or personal data. Attackers can inject malicious scripts that send this information to their own servers, effectively compromising user accounts and privacy.In the Dice CMS system, it's possible to steal the administrator's cookie, thereby taking over the account. |
|---|
| Source | ⚠️ https://github.com/fubxx/CVE/blob/main/DiceCMS-XSS.md |
|---|
| User | LIYU (UID 67244) |
|---|
| Submission | 04/03/2024 10:06 (2 years ago) |
|---|
| Moderation | 04/12/2024 08:42 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 260474 [bihell Dice 3.1.0 Comment cross site scripting] |
|---|
| Points | 18 |
|---|