2 matches found
CVE-2018-17077
An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed...
CVE-2018-17077
CVE-2018-17077 affects yiqicms (pre-2016-11-20) with a stored cross-site scripting (XSS) vulnerability in the file comment.php caused by a bypassable length restriction on the message title. The CNVD/NVD records describe that an attacker can inject arbitrary script or HTML, leveraging the bypasse...