2 matches found
CVE-2020-35971
A storage XSS vulnerability is found in YzmCMS v5.8, which can be used by attackers to inject JS code and attack malicious XSS on the /admin/systemmanage/userconfigedit.html page...
YzmCMS Cross-Site Scripting Vulnerability (CNVD-2019-07930)
YzmCMS is an open source CMS Content Management System by Yuan Zhimeng programmers in China. A cross-site scripting vulnerability exists in YzmCMS version 5.2. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML with the help of the 'configuration value'...