You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Suggested description]
Cross SIte Scripting (XSS) vulnerability exists in catfish - <=6.3.0. via
a Google search inurl:/catfishcms/index.php/admin/Index/addmenu.htmland then the .html
file on the website that uses this editor (the file suffix is allowed).
[Suggested description]
Cross SIte Scripting (XSS) vulnerability exists in catfish - <=6.3.0. via
a Google search inurl:/catfishcms/index.php/admin/Index/addmenu.htmland then the .html
file on the website that uses this editor (the file suffix is allowed).
[Vulnerability Type]
Cross Site Scripting (XSS)
[Vendor of Product]
https://github.com/xwlrbh/Catfish
[Affected Product Code Base]
catfish - <=6.3.0.
[Affected Component]
POST /catfishcms/index.php/admin/Index/addmenu.html HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0
...
zidingyi=your xss url
[Attack Type]
Remote
[Impact Code execution]
![image](https://user-images.githubusercontent.com/67416400/145699069-7fa2b0c7-ba44-4939-a38d-d8b758f9df98.png)
![image](https://user-images.githubusercontent.com/67416400/145699078-3833b584-0a84-4943-b0ca-a61656361e9e.png)
true
The text was updated successfully, but these errors were encountered: