feehi/feehicms is vulnerable to cross-site scripting. The vulnerability exists when sending picture comments in single page module which allows an attacker to inject and execute arbitrary javascript via a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
feehi/feehicms | eq | 2.0.1.1 | |
feehi/feehicms | eq | 2.0.1.1 |