6 matches found
CVE-2026-7429
SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template payloads that are decrypted and returned without proper sanitization. Attackers can exploit improper output...
CVE-2026-7429 SSCMS v7.4.0 Reflected Cross-Site Scripting via STL Processing
SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template payloads that are decrypted and returned without proper sanitization. Attackers can exploit improper output...
EUVD-2026-26417
SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template payloads that are decrypted and returned without proper sanitization. Attackers can exploit improper output...
CVE-2026-7429
CVE-2026-7429 affects SSCMS v7.4.0 and describes a reflected cross‑site scripting flaw in the STL processing endpoint. The vulnerability arises from improper output encoding in the /api/stl/actions/dynamic endpoint, where malicious STL template payloads can be decrypted and returned without sanit...
CVE-2026-7429 SSCMS v7.4.0 Reflected Cross-Site Scripting via STL Processing
SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template payloads that are decrypted and returned without proper sanitization. Attackers can exploit improper output...
SSCMS 跨站脚本漏洞
SSCMS SiteServerCMS is a content management system developed by SSCMS Corporation in China. Version 7.4.0 of SSCMS contains a cross-site scripting vulnerability. This vulnerability stems from STL processing of endpoint scenarios involving reflective cross-site scripts. It may allow attackers to...