4 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the manipulation of the /admin/auth/roles component due to improper sanitization of the Slug field. An attacker can inject malicious scripts by sending crafted inputs to the affected page. Details...
CVE-2025-0709 Dcat-Admin Roles Page roles cross site scripting
A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2025-0709 Dcat-Admin Roles Page roles cross site scripting
A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
LavaLite 跨站脚本漏洞
Lavalite is an open source content management system developed using the Laravel framework. A stored cross-site scripting vulnerability exists in the /admin/roles/role component of LavaLite version 5.8.0, which can be exploited by an attacker to execute arbitrary Web script or HTML via the ""New"...