Submit #651882: MikeCen WeChat-Face-Recognition master CWE-79info

TitleMikeCen WeChat-Face-Recognition master CWE-79
DescriptionIn file wx.php $echoStr = $_GET["echostr"]; //valid signature , option if ($this->checkSignature()) { echo $echoStr; exit; } CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Source⚠️ https://github.com/MikeCen/WeChat-Face-Recognition/blob/master/wx.php#L25
User
 dev03301 (UID 88717)
Submission09/10/2025 09:01 (8 months ago)
Moderation09/25/2025 07:51 (15 days later)
StatusAccepted
VulDB entry325813 [MikeCen WeChat-Face-Recognition up to 6e3f72bf8547d80b59e330f1137e4aa505f492c1 wx.php valid echostr cross site scripting]
Points20

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!