5 matches found
EUVD-2021-25583
Malware in sbrugna...
CVE-2021-39201
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact: The issue allows an authenticated but low-privileged user like contributor/author to execute XSS in the editor. This bypasses the restrictions imposed on users who do n...
CVE-2022-27111
JfinalCMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it...
CVE-2017-12979
DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. An attacker can create or edit a wiki with this element to trigger JavaScript execution...
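destoon /v5.0/ stored XSS that hits whichever user you aim it at
Brief description: Stored XSS that hits whichever user you aim it at. Details: Register a user. http://127.0.0.1/v5.0/member/message.php?action=send&touser=oboi123&title=RE:RE%3ARE%3Asdaaaaaaa The reply form uses an editor. The editor does not filter some tags, which leads to XSS execution. xsscode: object, passed through base64, can form an XSS statement. Proof of vulnerability:...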