Submission #636627: mtons https://gitee.com/mtons/mblog <=3.5.0 Reflected XSS (info)

Title: mtons https://gitee.com/mtons/mblog <=3.5.0 Reflected XSS
Description: The /admin/role/list endpoint is used for viewing user roles in the admin panel. The search function's user-controlled name parameter has no security checks, and the output has no encoding processing, thus creating a reflected XSS vulnerability.
Source: https://gitee.com/mtons/mblog/issues/ICPMNE
User: ZAST.AI (UID 87884)
Submission: 2025-08-18 04:34 (8 months ago)
Moderation: 2025-08-29 08:05 (11 days later)
Status: Accepted
VulDB entry: 321854 [mtons mblog up to 3.5.0 /admin/role/list name cross site scripting]
Points: 17