CVE-2019-16657

Published September 21st, 2019

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.

yeyinshi/tuzicms

TuziCMS（兔子cms）是基于ThinkPHP3.2框架开发的企业网站管理系统，提供更方便、更安全的WEB应用开发体验，国内PHP+MYSQL 开源建站程序，它具有操作简单、功能强大、稳定性好、扩展性强，二次开发及后期维护方便，可以帮您快速构建起一个强大专业的企业网站。交流官方QQ群：383851010

GitHub