0.001 Low
EPSS
Percentile
48.1%
Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the βrefererβ field of a POST request to the component β/member/index/login.htmlβ when logging in.
github.com/yzmcms/yzmcms/issues/9