CVE-2019-17488
CVE-2019-17488 affects b3log Symphony (Sym) before 3.6.0, where a cross-site scripting (XSS) vulnerability exists via the HTTP User-Agent header. The connected CNVD entry notes the root cause as lack of proper validation of client-side data by the web application, enabling potential client-side c...