Cross site scripting

2021-05-1414:15:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.2%

JSON

Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the “Homepage Introduction” field of component “admin/info.php?shuyu”.

CPENameOperatorVersion
laobancmseq2.0

CPE	Name	Operator	Version
	laobancms	eq	2.0

References

github.com/Cumtyuanfeng/Laobancms/blob/master/vuln.md