Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the application's message system. Unsanitized message content submitted by one user is persisted by the server and later rendered in another user's Inbox view without appropriate context-aware encoding. As a result, attacker-controlled content executes in the recipient's browser context when the Inbox message is viewed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
pH7 Social Dating Builder 安全漏洞
Vulnerability Description
pH7 Social Dating Builder是pH7 Social Dating CMS (pH7CMS)开源的一个社交约会系统。 pH7 Social Dating Builder 17.9.1版本存在安全漏洞,该漏洞源于消息系统未清理用户提交内容,可能导致存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A