b3log Symphony cross-site scripting vulnerability (CNVD-2017-38345)
b3log Symphony aka Sym is an open source set of modern community platforms written in the Java language, including forums, BBS, SNS and blogs. A cross-site scripting vulnerability exists in b3log Symphony version 2.2.0. A remote attacker can exploit this vulnerability to obtain a user cookie by...