Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-58889
HistoryJun 27, 2022 - 12:00 a.m.

74cms cross-site scripting vulnerability (CNVD-2022-58889)

2022-06-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
74cms
php
mysql
recruitment
cross-site scripting
vulnerability
china xunyi technology
data validation
filtering
user-supplied data
javascript code

EPSS

0.001

Percentile

34.0%

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability that originates from the path /company/down_resume/total/nature lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.

EPSS

0.001

Percentile

34.0%

Related for CNVD-2022-58889