PerfreeBlog 安全漏洞

PerfreeBlog is PerfreeBlog open source, a java-based blog/CMS builder. A security vulnerability exists in PerfreeBlog version 4.0.11, which originates from the presence of arbitrary file uploads in the attach component and could lead to the execution of arbitrary code...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the attach component of the content edition feature, which allows users to attach files or medias to a page. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects”...

YesWiki 跨站脚本漏洞

YesWiki is a wiki system written in PHP by the French organization YesWiki. It is used to create and manage websites in a collaborative way. A cross-site scripting vulnerability exists in YesWiki 4.4.5 and earlier versions, which stems from improper input validation when the attach component...

PT-2025-5262 · Yeswiki · Yeswiki

Name of the Vulnerable Software and Affected Versions: YesWiki versions up to and including 4.4.5 Description: The vulnerability allows an authenticated user with rights to edit or create a page or comment to trigger a stored XSS attack, which can be reflected on any page where the resource is...