2 matches found
CVE-2018-11549
An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings - Member Centre - Chinese information - Ordinary member" via a QQ number, as demonstrated by a formqq10= substring...
CVE-2018-11549
CVE-2018-11549 describes a stored XSS in WUZHI CMS 4.1.0, exploitable via the “Account Settings → Member Centre → Chinese information → Ordinary member” form using the QQ number field (form[qq_10]). The underlying cause is injecting script/HTML through that field’s input. Documented impact is a c...