Описание
moonshine Stored Cross-Site Scripting Vulnerability in Create Admin
A stored cross-site scripting (XSS) vulnerability in the Create Admin function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.
Пакеты
Наименование
moonshine/moonshine
composer
Затронутые версииВерсия исправления
< 3.12.4
3.12.14
Связанные уязвимости
CVSS3: 4.9
nvd
6 месяцев назад
A Stored Cross-Site Scripting (XSS) vulnerability exists in MoonShine version < 3.12.4, allowing remote attackers to store and execute arbitrary JavaScript by including a malicious HTML payload in the Name parameter when creating a new Admin.