mall 代码注入漏洞

mall is a macro personal developer of a set of e-commerce system, including the front mall system and backend management system. mall 1.0.3 and previous versions of code injection vulnerability, the vulnerability stems from the file / swagger-ui/index.html parameter configUrl lead to cross-site...