Gửi #703736: gitee WarehouseManager v1.1.0 - Remove CAPTCHA Improper Neutralization of Alternate XSS Syntaxthông tin

tiêu đề	gitee WarehouseManager v1.1.0 - Remove CAPTCHA Improper Neutralization of Alternate XSS Syntax
Mô tả	Gitee URL：https://gitee.com/yangshare/warehouseManager Multiple stored XSS vulnerabilities were discovered in Gitee WarehouseManager v1.1.0 - Remove CAPTCHA. The affected source code includes the files GoodsManageHandler.java, CustomerManageHandler.java, SupplierManageHandler.java, and RepositoryManageHandler.java located in src/main/java/com/ken/wms/common/controller/. One of these vulnerabilities could potentially affect other administrators, allowing them to obtain cookies and perform identity spoofing.
Nguồn	⚠️ https://gitee.com/yangshare/warehouseManager/issues/ID9NAU
Người dùng	zzdzz (UID 93061)
Đệ trình	30/11/2025 15:49 (cách đây 7 các tháng)
Kiểm duyệt	11/12/2025 12:04 (11 days later)
Trạng thái	được chấp nhận
Mục VulDB	335877 [yangshare warehouseManager 仓库管理系统 1.1.0 CustomerManageHandler.java addCustomer Tên Tập lệnh chéo trang]
điểm	20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!