Yzmcms 跨站脚本漏洞

YzmCMS is a lightweight open source content management system based on PHP Mysql architecture developed by Yuan Zhimeng alone.YzmCMS version 5.2 has a cross-site scripting vulnerability. An attacker can use the sitecode parameter in admin/index/init.html to inject and execute javascript code...

CVE-2020-23369

In YzmCMS 5.6, XSS was discovered in member/membercontent/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3...