CVE-2024-30952
PESCMS-TEAM v2.3.6 contains a stored XSS vulnerability exploitable via a crafted payload in the domain input field at /youdoamin/?g=Team&m=Setting&a=action. Affected component: domain input handling in the API endpoint; impact: execution of arbitrary web scripts/HTML. Some sources mention a tempo...