RPCMS is an application, a web CMS system. a cross-site scripting vulnerability exists in RPCMS, which stems from the failure to properly clean up the nickname variable before it is displayed on the page in RPCMS v1.8 and below. With the API functionality enabled, an attacker could exploit the vulnerability to implement stored XSS.
CPE | Name | Operator | Version |
---|---|---|---|
rpcms rpcms | le | 1.8 |