A xss vulnerability was discovered in yzmcms.
In YzmCMS 5.2, stored XSS exists via the admin/system_manage/user_config_edit.html value parameter, which allows remote attackers to inject arbitrary web script or HTML.
poc
xss payload:
The text was updated successfully, but these errors were encountered:
Vulnerability description
A xss vulnerability was discovered in yzmcms.
In YzmCMS 5.2, stored XSS exists via the admin/system_manage/user_config_edit.html value parameter, which allows remote attackers to inject arbitrary web script or HTML.
poc
xss payload:
The text was updated successfully, but these errors were encountered: