No description, website, or topics provided.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
1.png
2.png
3.png
4.png
README.md

README.md

cmsms_vul

XSS-1

When modifying the email, if the format is wrong, the response contains the previously entered email value. At this time, the XSS vulnerability will be started.
change password change password

XSS-2

When creating Shortcuts, the system does not detect the Title, which will cause a storage XSS vulnerability. change password The value of inputting is

"></script><script>alert(11)</script>

change password