`
There is a Permanent-type Cross-Site Vulnerability in Personal Signature in all version of Discuz!. It can be written by the worm!
Discuz! do not filter the Malicious code when user enter their personal signature, attacker can enter the xss code, Discuz! will save and run it! It maybe lead the propagation of worm!
For example:
we can register an user, and enter the xss code to our personal signature!
like:
</textarea><script>alert(/Liscker/);</script><textarea>
Vulnerable: Discuz! <=7.2 all version!
Liscker
2010.03.24
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation