PT-2018-12556 · Wuzhi · Wuzhi Cms
Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: A persistent XSS issue allows remote attackers to inject arbitrary web script or HTML via the formnickname parameter to the "index.php?m=core&f=set&v=sendmail" API endpoint. The XSS payload is triggered wh...