| Title | yourmaileyes MOOC V1.17 Improper Neutralization of Alternate XSS Syntax |
|---|
| Description | yourmaileyes MOOC version 1.17 contains a stored XSS vulnerability.In mooc/controller/MainController.java, a comment submission function was found that does not perform any validation on the incoming comments, posing a risk of XSS vulnerabilities.
Project address:https://github.com/yourmaileyes/MOOC |
|---|
| Source | ⚠️ https://github.com/yourmaileyes/MOOC/issues/12 |
|---|
| User | zzdzz (UID 93061) |
|---|
| Submission | 12/12/2025 07:42 (4 months ago) |
|---|
| Moderation | 12/27/2025 10:43 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 338512 [yourmaileyes MOOC up to 1.17 Submission MainController.java subreview cross site scripting] |
|---|
| Points | 18 |
|---|