A Stored Cross-Site Scripting (XSS) vulnerability exists in the Help Documentation module of SmartAdmin v3.0(https://gitee.com/lab1024/smart-admin) Enterprise Rapid Development Platform. Attackers can directly submit malicious HTML content containing JavaScript code through backend API interfaces, bypassing the frontend rich text editor’s filtering mechanism. When regular users view help documentation containing malicious content, the code executes in the victim’s browser.
The frontend rich text editor automatically converts HTML special characters to entities:
< → <> → >" → "' → 'However, the backend API directly receives the contentHtml field without performing reverse conversion, allowing attackers to bypass frontend filtering by directly calling the API.