Stored-XSS found in content field when post a site news
Steps To Reproduce:
1、Login the backstage: http://localhost/hongcms-master/admin/
2、[Sidebar] Choose Others -->Site News, and then post a news
3、Set content field to the following payload <script>alert(document.cookie)</script>
4、On the site front page, we can see the news we just posted
The Same with following
[Sidebar] Choose Others -->Normal Content --> Edit "About Us"
Set content field to same payload, (a lot of aaa... is for discrimination)
`aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Stored-XSS found in content field when post a site news
Steps To Reproduce:



1、Login the backstage:
http://localhost/hongcms-master/admin/
2、[Sidebar] Choose Others -->Site News, and then post a news
3、Set content field to the following payload
<script>alert(document.cookie)</script>4、On the site front page, we can see the news we just posted
The Same with following
[Sidebar] Choose Others -->Normal Content --> Edit "About Us"

<script>alert(document.cookie)</script>`Set content field to same payload, (a lot of aaa... is for discrimination)
`aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Go to: http://localhost/hongcms-master/index.php/about

The text was updated successfully, but these errors were encountered: