CVE-2018-14513

2018-07-2308:29:00

Google

osv.dev

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

41.8%

JSON

An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[content] parameter to the index.php?m=feedback&f=index&v=contact URI.

References

github.com/wuzhicms/wuzhicms/issues/145