2 matches found
CVE-2019-9145
An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...
CVE-2019-9145
CVE-2019-9145 — Normal mode Vulnerability: In Hsycms V1.1, there is a cross-site scripting (XSS) flaw via the name field on the /book page. The root cause is insufficient sanitization/validation of user-supplied input in that field, allowing injected script or HTML to be rendered by an attacker-c...