2 matches found
CVE-2018-10026
The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php...
CVE-2018-10026
The CVE describes a reflected cross-site scripting vulnerability in YzmCMS 3.7.1 within the WeChat module. The issue occurs when processing the admin/module/init.html echostr parameter, tied to the valid function in application/wechat/controller/index.class.php. This allows XSS via user-controlle...