A xss vulnerability was discovered in WUZHI CMS 4.1.0
There is a persistent XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the form[statcode] parameter post to the /wuzhicms/www//index.php?m=core&f=set&v=basic&_menuid=22&_su=wuzhicms
Vulnerability description
A xss vulnerability was discovered in WUZHI CMS 4.1.0
There is a persistent XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the form[statcode] parameter post to the /wuzhicms/www//index.php?m=core&f=set&v=basic&_menuid=22&_su=wuzhicms
poc
Vulnerability trigger point
When an administrator accesses the CMS home page, it triggers a XSS vulnerability
The text was updated successfully, but these errors were encountered: