mpay mpay v1.2.4 Stored Cross-Site Scripting信息

标题	https://gitee.com/technical-laohu/mpay mpay v1.2.4 Stored Cross-Site Scripting
描述	In v1.2.4 of mpay, there is a storage XSS vulnerability in the username modification function in the background，which can steal sensitive user information, tamper with page content, 和 spread malware for a long time, seriously threatening user privacy and website reputation.
来源	⚠️ https://github.com/bdkuzma/vuln/issues/16
用户	baihekuz (UID 84516)
提交	2026-01-10 05時14分 (5 月前)
管理	2026-01-18 14時59分 (8 days later)
状态	已接受
VulDB条目	341744 [technical-laohu mpay 直到 1.2.4 User Center Nickname 跨网站脚本]
积分	18

Want to know what is going to be exploited?

We predict KEV entries!