AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component.
github.com/PwnCYN/YXBOOKCMS/issues/1