CVE-2018-10026

The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php.
References
Link Resource
https://github.com/SukaraLin/Drops/blob/master/YZMCMSxss.md Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:yzmcms:yzmcms:3.7.1:*:*:*:*:*:*:*

Information

Published : 2018-04-11 06:29

Updated : 2018-05-16 03:26


NVD link : CVE-2018-10026

Mitre link : CVE-2018-10026

Products Affected
No products.
CWE