A xss vulnerability was discovered in WUZHI CMS 4.1.0
There is a persistent XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the form[remark] parameter post to the /wuzhicms/www/index.php?m=link&f=index&v=add&&_su=wuzhicms&_menuid=34&_submenuid=34&_submenuid=104
Vulnerability description
A xss vulnerability was discovered in WUZHI CMS 4.1.0
There is a persistent XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the form[remark] parameter post to the /wuzhicms/www/index.php?m=link&f=index&v=add&&_su=wuzhicms&_menuid=34&_submenuid=34&_submenuid=104
poc
Vulnerability trigger point
When administrators access the expansion module link, it triggers XSS vulnerability.
The text was updated successfully, but these errors were encountered: