3 matches found
CVE-2020-18410
A stored cross site scripting XSS vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges...
PT-2023-11498 · Unknown · Chaoji Cms
Name of the Vulnerable Software and Affected Versions: Chaoji CMS version 2.18 Description: A stored cross site scripting XSS issue in the /index.php?admin-master-article-edit endpoint of Chaoji CMS allows attackers to obtain administrator privileges. Recommendations: For Chaoji CMS version 2.18,...
PT-2023-11500 · Unknown · Chaoji Cms
Name of the Vulnerable Software and Affected Versions: Chaoji CMS version 2.18 Description: A stored cross site scripting XSS issue allows attackers to execute arbitrary code via the "/index.php?admin-master-webset" API endpoint. This enables attackers to inject malicious scripts into the...