An issue was discovered in Hsycms V1.1 . There is an XSS vulnerability via /book page - 碼上歡樂

相關內容簡體繁體

An issue was discovered in Hsycms V1.1 . There is an XSS vulnerability via /book page

本文轉載自查看原文 2019-02-17 00:24 1056

1. The attacker opens http://127.0.0.1/book/, and enters the following at the name.

"><img src=1 onerror=alert(location.href)>

　　

2.The vulnerability is triggered when administrators view messages.

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 拼圖游戲 v1.1 DIY書籍掃描儀簡介v1.1 時間片輪詢多任務操作系統( TinyOS51 V1.1 ) (原創)CheckTool：CRC校驗、累加和校驗、異或和校驗專業校驗工具V1.1 Air722UG_模塊硬件設計手冊_V1.1 Typecho V1.1反序列化導致代碼執行分析【物聯網中間件平台-02】YFIOs技術白皮書（V1.1） [開源] 基於Layui組件封裝的后台模版，HG-Layui-UI通用后台管理框架V1.1版 DVT JetBrains License Server（JetBrains授權服務器）2018 v1.1 最新版含32位/64位 Elasticsearch master not discovered yet, this node has not previously joined a bootstrapped (v7+) cluster

粵ICP備18138465號 © 2018-2025 CODEPRJ.COM