Submit #622347: roothub https://github.com/miansen/Roothub/tree/v2.6 2.6 XSSinfo

Titleroothub https://github.com/miansen/Roothub/tree/v2.6 2.6 XSS
DescriptionThe source code address is: https://github.com/miansen/Roothub/tree/v2.6 This CMS version 2.6 has a storage XSS vulnerability that can be triggered by "><img src=x onerror=alert(1)> In java code: src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java There doesn't seem to be any filtering for XSS here Please see the vulnerability reproduction process https://github.com/wandeorfu/test
Source⚠️ https://github.com/wandeorfu/test
User
 wanderofu (UID 87839)
Submission07/25/2025 10:52 (9 months ago)
Moderation07/26/2025 15:18 (1 day later)
StatusDuplicate
VulDB entry317779 [Roothub up to 2.6 SystemConfigAdminController.java edit cross site scripting]
Points0

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!