Hello, I found XSS vulnerability in the system management page。
This is the payload When I tested:
page:index.php
Param:c=new&m=set
ParamKey:mail
POSTData:
group=0&mail=&passwd=g00dPa%24%24w0rD&phone=555-666-0606&status=1&username=GRLpGpAGa
The text was updated successfully, but these errors were encountered:
Hello, I found XSS vulnerability in the system management page。

&passwd=g00dPa%24%24w0rD&phone=555-666-0606&status=1&username=GRLpGpAGa

This is the payload When I tested:
page:index.php
Param:c=new&m=set
ParamKey:mail
POSTData:
group=0&mail=
The text was updated successfully, but these errors were encountered: