Gửi #659789: https://gitee.com/westboy/CicadasCMS/branches CicadasCMS v1.0 Cross Site Scriptingthông tin

tiêu đềhttps://gitee.com/westboy/CicadasCMS/branches CicadasCMS v1.0 Cross Site Scripting
Mô tảA stored cross-site scripting (XSS) vulnerability exists in CicadasCMS v1.0 that arises from the system not adequately filtering and escaping user input data before it is stored on the server. Attackers can persistently store malicious code on the server by submitting malicious script content (system administration - template management). When other users access pages containing malicious content, the script will be executed in their browsers, which may lead to risks such as session hijacking, sensitive information leakage (such as stolen cookies), malicious operation simulation, or page content tampering
Nguồn⚠️ https://github.com/devastatingglamour/CVE/blob/main/CicadasCMS-XSS4.md
Người dùng
 xmttz (UID 89920)
Đệ trình22/09/2025 07:41 (cách đây 7 các tháng)
Kiểm duyệt04/10/2025 20:25 (13 days later)
Trạng tháiđược chấp nhận
Mục VulDB327170 [westboy CicadasCMS đến 2431154dac8d0735e04f1fd2a3c3556668fc8dab Template Management Page TemplateFileServiceImpl.java save Tập lệnh chéo trang]
điểm20

TrướcTổng QuanTiếp theo

Do you know our Splunk app?

Download it now for free!