You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is an Stored Cross Site Scripting vulnerability in your latest version of the CMS v1.3.7
Download link: "https://codeload.github.com/hnaoyun/PbootCMS/zip/V1.3.7"
In the Pbootcmsv1.3.7\apps\admin\controller\content\SingleController.php, No filtering to title in the mod( ) function:
Vulnerability trigger point: http://www.pbootcms.cn/index.php/about/11
1、Log in as admin
2、Choose this part
3、modify content
4、Added refresh vulnerability trigger point
Fix:
Filter the title parameter
There is an Stored Cross Site Scripting vulnerability in your latest version of the CMS v1.3.7
Download link: "https://codeload.github.com/hnaoyun/PbootCMS/zip/V1.3.7"
In the Pbootcmsv1.3.7\apps\admin\controller\content\SingleController.php, No filtering to title in the mod( ) function:
Vulnerability trigger point:
http://www.pbootcms.cn/index.php/about/11
1、Log in as admin
2、Choose this part
3、modify content
4、Added refresh vulnerability trigger point
Fix:
Filter the title parameter