vendor:
YzmCMS
by:
zzw
6.1
CVSS
MEDIUM
XSS
79
CWE
Product Name: YzmCMS
Affected Version From: 3.6
Affected Version To: 3.6
Patch Exists: YES
Related CWE: CVE-2018-7653
CPE: a:yzmcms:yzmcms:3.6
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: None
2018
YzmCMS 3.6 XSS Vulnerability
This is a XSS vulnerability than can attack the users. The PoC includes four URLs that contain malicious code that can be used to execute a XSS attack.
Mitigation:
Ensure that user input is properly sanitized and validated before being used in the application.
