DedeCMS Cross-Site Scripting Vulnerability (CNVD-2018-21795)
DedeCMS is a PHP-based web content management system CMS. A cross-site scripting vulnerability exists in the /member/pm.php page in DedeCMS version 5.7 SP2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'folder' parameter...