Submit #517269: ujcms v9.7.5 stored XSSinfo

Titleujcms v9.7.5 stored XSS
DescriptionThere is a vulnerability in the template file editing function of the ujcms_v9.7.5 backend. The embedded JavaScript is not filtered or checked. When users access files with embedded malicious code, the malicious JavaScript code will be triggered, which may lead to the theft of sensitive tokens.
Source⚠️ https://github.com/dromara/ujcms/issues/14
User
 icefoxh (UID 82165)
Submission03/10/2025 03:23 (1 Year ago)
Moderation03/18/2025 10:20 (8 days later)
StatusAccepted
VulDB entry299997 [Dromara ujcms 9.7.5 Edit Template File Page WebFileTemplateController.java update cross site scripting]
Points18

Do you want to use VulDB in your project?

Use the official API to access entries easily!