2 matches found
CVE-2023-48880
A stored cross-site scripting XSS vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu Name field at /login.php?m=admin&c=Index&a=changeTableVal&ajax=1&lang=cn...
CVE-2023-48880
CVE-2023-48880 affects EyouCMS v1.6.4-UTF8-SP1. It describes a stored XSS via the Menu Name field when calling /login.php?m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn. The practical impact is arbitrary script/HTML execution in the admin login context. Connected sources indicate the vulnerable...