You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
【Vulnerability Description】
There is a Cross Site Scripting attack (XSS) vulnerability in the full version of JavaQuarkBBS. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module.
【Vulnerability Type】
Cross Site Scripting (XSS)
【Affected Version】
<=v2
【Vulnerability Verification】
Find the Background Label Management module, select the new location and enter <script>alert(“标签管理名称”)<script>
<script>alert(“标签详情”)<script>
【Repair Suggestions】
Strict filtering of user input data
The text was updated successfully, but these errors were encountered:
【Vulnerability Description】
There is a Cross Site Scripting attack (XSS) vulnerability in the full version of JavaQuarkBBS. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module.
【Vulnerability Type】
Cross Site Scripting (XSS)
【Affected Version】
<=v2
【Vulnerability Verification】
Find the Background Label Management module, select the new location and enter
<script>alert(“标签管理名称”)<script><script>alert(“标签详情”)<script>【Repair Suggestions】
Strict filtering of user input data
The text was updated successfully, but these errors were encountered: