thrsrossi Millhouse-Project
cpe:2.3:a:millhouse-project_project:millhouse-project:*:*:*:*:*:*:*
- <= 1.414
A persistent cross-site scripting vulnerability has been identified in Millhouse Project version 1.414. The issue is in the comment submission feature, where attackers can inject malicious scripts into comments. It is exploited by embedding JavaScript in the 'content' parameter sent to add_comment_sql.php; the script is stored with the comment and then executed in the browsers of users viewing the comments.
Exploitation of this vulnerability allows for persistent cross-site scripting, where injected scripts are executed in the context of the user viewing the comments.
To reproduce this vulnerability, post a comment on the blog using the comment submission feature. Inject a script, such as a JavaScript alert, into the 'content' parameter. Once the comment is submitted, the injected script will be executed in the browser of anyone who views the post.
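The usual remedy for a stored comment field like this is to encode the text when it is written into the page. The PHP below is an added example, not Millhouse Project code: the function names, the row layout and the sample comments are assumptions made for illustration, and it shows the unencoded output pattern next to the encoded one.

```php
<?php
// Added example, not Millhouse Project code. All names here are hypothetical.
declare(strict_types=1);

// Constructed sample rows standing in for comments read back from the database.
$comments = [
    ['author' => 'alice',   'content' => 'Nice post!'],
    ['author' => 'mallory', 'content' => '<script>alert(1)</script>'],
    ['author' => 'bob',     'content' => "2 < 3 & 4 > 1\nsecond line"],
];

// Encode a value for an HTML text node or a quoted attribute.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern: stored text is concatenated into markup unchanged,
// so any tag saved in 'content' becomes live markup for every viewer.
function render_comment_unsafe(array $c): string
{
    return '<div class="comment"><b>' . $c['author'] . '</b>'
        . '<p>' . $c['content'] . '</p></div>';
}

// Hardened pattern: every stored field is encoded at output time.
// nl2br() runs after encoding, so the <br> it inserts is the only live markup.
function render_comment_safe(array $c): string
{
    return '<div class="comment"><b>' . h($c['author']) . '</b>'
        . '<p>' . nl2br(h($c['content']), false) . '</p></div>';
}

// Defence in depth: a policy without 'unsafe-inline' stops the browser from
// running inline script if an encoding call is missed somewhere else.
if (PHP_SAPI !== 'cli') {
    header("Content-Security-Policy: default-src 'self'; script-src 'self'");
}

foreach ($comments as $c) {
    echo 'unsafe: ', render_comment_unsafe($c), "\n";
    echo 'safe:   ', render_comment_safe($c), "\n\n";
}
```

Encoding at output rather than stripping tags at submission also neutralises comments that were stored before the fix was deployed.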