Hi, I would like to report Cross Site Scripting vulnerability in YzmCMS V5.8
Description:
In the content.class.php row 42, No filtering of the searinfo parameterA xss vulnerability was discovered in yzmcms.
In YzmCMS v5.8, stored XSS exists via the /admin/system_manage/user_config_edit.html value parameter, which allows remote attackers to inject arbitrary web script or HTML.
The text was updated successfully, but these errors were encountered:
Hi, I would like to report Cross Site Scripting vulnerability in YzmCMS V5.8
Description:




In the content.class.php row 42, No filtering of the searinfo parameterA xss vulnerability was discovered in yzmcms.
In YzmCMS v5.8, stored XSS exists via the /admin/system_manage/user_config_edit.html value parameter, which allows remote attackers to inject arbitrary web script or HTML.
The text was updated successfully, but these errors were encountered: