Headline
CVE-2023-27093: My-Blog storage type XSS defect · Issue #I6GDTU · ZHENFENGSHISAN/My-Blog - Gitee.com
Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function.
My-Blog storage type XSS defect
待办的
五哥
创建于
2023-02-20 16:45
Post function module browsing post content exists storage xss, when the user publishes the article, the content format of the article is not filtered, can leak sensitive information. Once you get the post information, send the data directly to edit.html
评论 (0)
五哥 创建了任务
登录 后才可以发表评论