Reflected XSS vulnerability in wcms/wcms/wex/cssjs.php #9
Hi, dev team!
There is Reflected XSS vulnerability in
The vulnerable code is:
Example POC: Just send any js code in
Reflected cross-site scripting (or XSS) arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user.
To prevent xss use next manual: https://portswigger.net/web-security/cross-site-scripting/preventing.
Please let me know about any fixes, I would like to register CVE number.
The text was updated successfully, but these errors were encountered: