2 matches found
CVE-2024-39174
A cross-site scripting XSS vulnerability in the Publish Article function of yzmcms v7.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a published article...
CVE-2024-39174
CVE-2024-39174 affects yzmcms v7.1, where the Publish Article function is vulnerable to cross-site scripting (XSS) via a crafted payload injected into a published article. The issue is described consistently across sources (RH, NVD, OSV, CNNVD, CVE listings) as a reflected/stored-style XSS vulner...