Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The "content" field in the "regular post" page of the "add content" menu under "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. It allows remote attackers to send authenticated post-http requests to add / content and inject arbitrary web scripts or HTML through special content.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
htmly 跨站脚本漏洞
Vulnerability Description
HTMLy是一套基于PHP的开源博客平台。 htmly2.8.1版本存在安全漏洞,该漏洞源于在htmly 2.8.1的“仪表板”下的“添加内容”菜单中的“常规发布”页面中的“内容”字段存在存储跨站点脚本漏洞。该漏洞允许远程攻击者发送经过验证的后http请求来添加内容,并通过特殊内容注入任意web脚本或HTML代码。
CVSS Information
N/A
Vulnerability Type
N/A