CVE-2019-9078

2019-02-24T17:29:00
ID CVE-2019-9078
Type cve
Reporter cve@mitre.org
Modified 2019-02-25T17:18:00

Description

zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.