| Title | mtons https://gitee.com/mtons/mblog <=3.5.0 Reflected XSS |
|---|---|
| Description | The /admin/post/list endpoint is used for viewing article lists in the admin panel. The search function's user-controlled title parameter has no security checks, and the output has no encoding processing, thus creating a reflected XSS vulnerability. |
| Source | https://gitee.com/mtons/mblog/issues/ICPMMQ |
| User | ZAST.AI (UID 87884) |
| Submission | 08/14/2025 06:04 (8 months ago) |
| Moderation | 08/25/2025 11:40 (11 days later) |
| Status | Accepted |
| VulDB entry | 321273 [mtons mblog up to 3.5.0 Admin Panel /admin/post/list Title cross site scripting] |
| Points | 17 |