Key information
Vulnerability type: Stored Cross-Site Scripting (XSS)
Affected product: Novel-Plus up to 5.2.4
Affected component: API endpoint
Attack vector: Remote

POC Steps:
1. Authenticate as an author and create a book with chapters.
2. Send a POST request to with malicious payload.
3. The malicious script gets stored in the database without sanitization.
4. When any user views the book chapter listing, the stored XSS payload executes.

Root cause analysis
The vulnerability exists because is not included in the XSS filter configuration in .

Impact
Privilege escalation: Attackers can execute JavaScript in the context of other users.
Information disclosure: The XSS payload can steal sensitive information including session tokens, user credentials, and personal data accessible through the DOM.

Recommended fix
Add to the XSS filter configuration.

Severity
HIGH: This is a stored XSS vulnerability affecting authenticated users with potential for significant impact including session hijacking and account takeover.
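
The root cause described above is a coverage gap in a URL-pattern-based XSS filter: an endpoint missing from the pattern list is never sanitized. As an added example (not Novel-Plus code), the script below lists state-changing routes that no filter pattern covers; the routes, the patterns and the Ant-style matching (`?`, `*`, `**`) are assumptions made for illustration.

```python
import re

def ant_to_regex(pattern):
    """Compile an Ant-style path pattern (?, *, **) to an anchored regex."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("/**", i) and i + 3 == len(pattern):
            out.append("(/.*)?")      # trailing /** also matches the bare prefix
            i += 3
        elif pattern.startswith("**", i):
            out.append(".*")          # ** crosses path segments
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")       # * stays inside one segment
            i += 1
        elif pattern[i] == "?":
            out.append("[^/]")        # ? is exactly one non-slash character
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(out) + r"\Z")

def unfiltered_write_routes(routes, include, exclude=()):
    """Return state-changing routes whose input the filter never sees."""
    inc = [ant_to_regex(p) for p in include]
    exc = [ant_to_regex(p) for p in exclude]
    gaps = []
    for method, path in routes:
        if method not in {"POST", "PUT", "PATCH"}:
            continue                  # only requests that can store data
        included = any(r.match(path) for r in inc)
        excluded = any(r.match(path) for r in exc)
        if not included or excluded:
            gaps.append((method, path))
    return gaps

# Constructed sample data: hypothetical routes and filter patterns.
ROUTES = [
    ("POST", "/demo/book/addComment"),
    ("POST", "/demo/author/addBook"),
    ("POST", "/demo/author/updateChapter"),   # absent from INCLUDE
    ("POST", "/demo/book/upload/cover"),      # included, then excluded
    ("GET", "/demo/book/listChapters"),
]
INCLUDE = ["/demo/book/**", "/demo/author/addBook"]
EXCLUDE = ["/demo/book/upload/*"]

if __name__ == "__main__":
    for method, path in unfiltered_write_routes(ROUTES, INCLUDE, EXCLUDE):
        print(f"not covered by XSS filter: {method} {path}")
```

Run against the application's real route table and filter configuration, a check like this can fail a build whenever a new write endpoint ships without filter coverage.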