CVE-2026-36725

A markdown based cross-site scripting XSS vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the noticecontent parameter...

CVE-2026-36725

CVE-2026-36725 describes a markdown-based cross-site scripting (XSS) vulnerability in the FastapiAdmin package, specifically affecting v2.2.0. The issue resides in the /system/notice/create endpoint where an attacker can inject a crafted payload into the notice_content parameter to execute arbitr...

CVE-2026-36725

A markdown based cross-site scripting XSS vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the noticecontent parameter...

PT-2026-48171

A markdown based cross-site scripting XSS vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the notice content parameter...

CVE-2026-7677

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

RuoYi 代码注入漏洞

RuoYi is a back-end management system for individual developers of RuoYi in China. RuoYi 4.8.1 and previous versions of code injection vulnerability exists, the vulnerability stems from the file /system/notice/edit in the parameter noticesTitle/noticeContent improper handling of cross-site...