CVE-2023-1635
CVE-2023-1635 affects OTCMS 6.72. The vulnerability is in the function AutoRun of the file apiRun.php, where manipulating the argument mode leads to a cross-site scripting (XSS) condition. The issue can be exploited remotely (network vector) and requires user interaction to trigger per the report...