CVE-2019-16657
CVE-2019-16657 affects TuziCMS 2.0.6. The vulnerability is an XSS via PATH_INFO to a group URI (example: index.php/article/group/id/2/). Documented impact suggests partial integrity and low confidentiality impact with network exposure; exploitation details are not provided beyond the example path...