Hi, I would like to report Cross Site Scripting vulnerability in YzmCMS V5.2.
POC:
1.Login to administrator panel.
2.Open below URL in browser which supports flash.
url:http://123.com/admin/system_manage/save.html
eg:
<script>alert('xss2')</script>
Fix:
Filter the site_code parameter
The text was updated successfully, but these errors were encountered:
Hi, I would like to report Cross Site Scripting vulnerability in YzmCMS V5.2.
POC:
1.Login to administrator panel.
2.Open below URL in browser which supports flash.
url:http://123.com/admin/system_manage/save.html
eg:
<script>alert('xss2')</script>Fix:
Filter the site_code parameter
The text was updated successfully, but these errors were encountered: