IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A cross-site scripting vulnerability exists in IceCMS version 2.0.1. The vulnerability stems from the application’s lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary web script or HTML by injecting a carefully crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
icecms icecms | eq | 2.0.1 |