| Title | youlaitech vue3-element-admin <=v3.4.0 XSS |
|---|
| Description | A second-order stored Cross-Site Scripting (XSS) vulnerability has been identified in the notice management system. Authenticated users with notice creation or edit privileges can inject malicious JavaScript that will execute in the browsers of other users when they view the compromised notice. |
|---|
| Source | ⚠️ https://github.com/AnalogyC0de/public_exp/blob/main/archives/vue3-element-admin/report.md |
|---|
| User | Ana10gy (UID 93358) |
|---|
| Submission | 12/18/2025 05:11 (6 months ago) |
|---|
| Moderation | 12/30/2025 19:39 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 339080 [youlaitech vue3-element-admin up to 3.4.0 Notice index.vue cross site scripting] |
|---|
| Points | 17 |
|---|