idreamsoft iCMS Cross-Site Scripting Vulnerability (CNVD-2019-12119)
iCMS is an efficient and simple content management system built with PHP and MySQL. A cross-site scripting vulnerability exists in app/search/search.app.php in idreamsoft iCMS 7.0.14, which can be exploited by an attacker via the public/api.php?app=search q parameter...