CVE-2019-5311
The CVE-2019-5311 entry affects YUNUCMS v1.1.8, where app/index/controller/Show.php is vulnerable to cross-site scripting via the cw parameter in the index.php/index/show/index URL. The cnvd/cnvd-derived details indicate an attacker can supply the cw parameter to inject arbitrary script/HTML, ena...