25 matches found
Cross site scripting
EyouCMS = 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char...
EyouCMS 跨站脚本漏洞
Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which stems from a reflective cross-site scripting...
EyouCms 跨站脚本漏洞
Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which stems from a reflective cross-site scripting...
PT-2023-14696 · Eyoucms · Eyoucms
Name of the Vulnerable Software and Affected Versions: EyouCMS versions prior to 1.6.0 Description: A reflected-XSS issue was discovered in the article type editor component. The issue occurs when the POST value name contains a malformed UTF-8 character. Recommendations: For EyouCMS versions prio...
Updated mediawiki packages fix security vulnerabilies
In MediaWiki before 1.23.7, a missing CSRF check could allow reflected XSS on wikis that allow raw HTML CVE-2014-9276. MediaWiki's mangling, in MediaWiki before 1.23.7, could allow an article editor to inject code into API consumers that blindly unserialize PHP representations of the page from th...