Wonderful works of CMS! I find the security issues on the management settings website:
A cross-site scripting (XSS) vulnerability is stored in the site name field on the "ADD" button under the "Categories" menu in WistyCMS No.0.62, allowing remote attackers to inject arbitrary Web scripts or HTML via fine site names via WITYCMS/ADMIN-authenticated HTTP requests
You can insert JS code into the input box when you add the "Category" column, and the code will be executed after saving, which will affect the security of your "cms" work Oh!!
When you query data, you should do a good job of filtering keywords.
The text was updated successfully, but these errors were encountered:
Wonderful works of CMS! I find the security issues on the management settings website:
A cross-site scripting (XSS) vulnerability is stored in the site name field on the "ADD" button under the "Categories" menu in WistyCMS No.0.62, allowing remote attackers to inject arbitrary Web scripts or HTML via fine site names via WITYCMS/ADMIN-authenticated HTTP requests
You can insert JS code into the input box when you add the "Category" column, and the code will be executed after saving, which will affect the security of your "cms" work Oh!!
When you query data, you should do a good job of filtering keywords.
The text was updated successfully, but these errors were encountered: