CVE-2023-2294

CVE-2023-2294 affects UCMS 1.6.0. The vulnerability is in the file saddpost.php of the Column Configuration component, where manipulating the parameter strorder can lead to a cross-site scripting (XSS) vulnerability. The issue can be exploited remotely and has been disclosed publicly. Multiple co...

CVE-2023-2294 UCMS Column Configuration saddpost.php cross site scripting

A vulnerability was found in UCMS 1.6.0. It has been classified as problematic. This affects an unknown part of the file saddpost.php of the component Column Configuration. The manipulation of the argument strorder leads to cross site scripting. It is possible to initiate the attack remotely. The...

UCMS 跨站脚本漏洞

UCMS is a content management system written in PHP. A cross-site scripting vulnerability exists in UCMS version 1.6.0, which stems from a problem with the file saddpost.php, where incorrect manipulation of the parameter strorder can lead to cross-site scripting...

PT-2023-18783 · Ucms · Ucms

Name of the Vulnerable Software and Affected Versions: UCMS version 1.6.0 Description: A problematic issue was found in the file saddpost.php of the component Column Configuration. The manipulation of the strorder argument leads to cross-site scripting. It is possible to initiate the attack...