zhujunliang3 Work Platform Content Handler Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in the zhujunliang3 work_platform component, specifically in the Content Handler, prior to commit 6bc5a50bb527ce27f7906d11ea6ec139beb79c31. This issue allows remote attackers to execute scripts by injecting malicious HTML content, which is not properly sanitized before being displayed to users. The vulnerability was reported, but no response has been received from the project maintainers.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Added: Dec 30, 2025, 6:25 PM

Updated: Dec 30, 2025, 6:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

5.0

remediation

0.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

5.0

remediation

0.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

zhujunliang3 Work Platform Content Handler Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating