提交 #765929: 1024-lab SmartAdmin ≤3.29 Stored Cross-Site Scripting (XSS)信息

标题1024-lab SmartAdmin ≤3.29 Stored Cross-Site Scripting (XSS)
描述A Stored Cross-Site Scripting (XSS) vulnerability exists in the Help Documentation module of SmartAdmin v3.0 Enterprise Rapid Development Platform. Attackers can directly submit malicious HTML content containing JavaScript code through backend API interfaces, bypassing the frontend rich text editor’s filtering mechanism. When regular users view help documentation containing malicious content, the code executes in the victim’s browser.
来源⚠️ https://www.notion.so/SmartAdmin-Stored-Cross-Site-Scripting-XSS-in-HelpDoc-module-310ea92a3c418050852dc554e2b5b49b
用户
 din4 (UID 50867)
提交2026-02-23 16時48分 (2 月前)
管理2026-03-07 13時21分 (12 days later)
状态已接受
VulDB条目349664 [1024-lab/lab1024 SmartAdmin 直到 3.29 Help Documentation HelpDocAddForm.java 跨网站脚本]
积分17

上一步一览下一步

Might our Artificial Intelligence support you?

Check our Alexa App!