提交 #224899: flusity-CMS menu_id in posts.php_ XSS (Cross Site Scripting) exists for the place parameter信息

标题flusity-CMS menu_id in posts.php_ XSS (Cross Site Scripting) exists for the place parameter
描述flusity-CMS menu_id in posts.php_ XSS (Cross Site Scripting) exists for the place parameter. echo "<script>loadPostAddForm ($menu_id);</script>"; Users can control the incoming parameter menu_ ID, resulting in an xss vulnerability
来源⚠️ https://github.com/flusity/flusity-CMS/issues/3
用户
 zihe (UID 56943)
提交2023-10-24 12時42分 (3 年前)
管理2023-10-26 20時14分 (2 days later)
状态已接受
VulDB条目243642 [flusity CMS core/tools/posts.php loadPostAddForm menu_id 跨网站脚本]
积分17

上一步一览下一步

Do you know our Splunk app?

Download it now for free!