Submit #615731: mall <=1.0.3 DOM XSS

Title: mall <=1.0.3 DOM XSS
Description: Due to improper access control settings for Swagger-related interfaces, attackers are allowed to access internal API documentation, and one of the interfaces has a DOM XSS vulnerability.
Source: https://github.com/zast-ai/vulnerability-reports/blob/main/mall/DOM_XSS.md
User: ZAST.AI (UID 87884)
Submission: 07/14/2025 11:51 (11 months ago)
Moderation: 07/25/2025 10:54 (11 days later)
Status: Accepted
VulDB entry: 317604 [macrozheng mall up to 1.0.3 Swagger UI /swagger-ui/index.html configUrl cross site scripting]
Points: 15
