You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Suggested description]
Store XSS vulnerability exists in crmeb_java <=1.3.4
Failure to filter or validate parameters effectively results in stored XSS.
The content parameter has a stored XSS vulnerability.
Insert the payload and send the request packet.
Find the added product and enter the product details page, click the inserted img tag to trigger the vulnerability.
There you can see it!
[Impact Code execution]
true
[Cause of vulnerability]
com.zbkj.admin.controller.StoreProductController line 77.
The save() method of storeProductService is called on line 77 of this controller
Follow up this method to com.zbkj.service.service.impl.StoreProductServiceImpl.
On line 339, save the value of the content parameter in the request packet to the database.
Come to the front page.
In crmeb_java\admin\src\views\store\creatStore\index.vue, in line 296, use v-html to render the obtained content value. It is known that v-html will treat the obtained content as HTML code to render.
The reason for this vulnerability is that there is no legal security check on user data.
The end,thanks!
The text was updated successfully, but these errors were encountered:
[Suggested description]
Store XSS vulnerability exists in crmeb_java <=1.3.4
Failure to filter or validate parameters effectively results in stored XSS.
[Vulnerability Type]
Stored XSS
[Vendor of Product]
https://github.com/crmeb/crmeb_java
[Affected Product Code Base]
<=1.3.4
[Affected Component]
/api/admin/store/product/save
[Attack Type]
Remote
[Vulnerability details]
payload :
Get the request message of the /api/admin/store/product/save interface.
The content parameter has a stored XSS vulnerability.
Insert the payload and send the request packet.
Find the added product and enter the product details page, click the inserted img tag to trigger the vulnerability.
There you can see it!
[Impact Code execution]
true
[Cause of vulnerability]
com.zbkj.admin.controller.StoreProductController line 77.
The save() method of storeProductService is called on line 77 of this controller
Follow up this method to com.zbkj.service.service.impl.StoreProductServiceImpl.
On line 339, save the value of the content parameter in the request packet to the database.
Come to the front page.
In crmeb_java\admin\src\views\store\creatStore\index.vue, in line 296, use v-html to render the obtained content value. It is known that v-html will treat the obtained content as HTML code to render.
The reason for this vulnerability is that there is no legal security check on user data.
The end,thanks!
The text was updated successfully, but these errors were encountered: