AI Score
Confidence
High
EPSS
Percentile
17.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the “Title,” “Images,” and “Content” fields.
github.com/147536951/Qianyi/blob/main/Tp_xss.md