| Title | DaiCuoCms DaiCuoCms article manage system 1.3.13 Cross Site Scripting |
|---|
| Description | DaiCuoCms version 1.3.13 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. An authenticated user with access to the admin panel can inject malicious JavaScript code into article content or other editable fields. This code is then rendered and executed in the context of users who visit the affected frontend pages, potentially leading to session hijacking, phishing, or other malicious actions. The lack of proper input sanitization and output encoding makes this vulnerability exploitable. |
|---|
| Source | ⚠️ https://github.com/daicuo/cms/issues/1 |
|---|
| User | A13niL (UID 83935) |
|---|
| Submission | 04/09/2025 08:25 (1 Year ago) |
|---|
| Moderation | 04/18/2025 16:00 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 305648 [DaiCuo 1.3.13 SEO Optimization Settings Section cross site scripting] |
|---|
| Points | 20 |
|---|