CVE-2020-21228

Published October 1st, 2021

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie.

Cherry-toto/jizhicms

极致CMS（以下简称:JIZHICMS）是一款开源免费，无商业授权的建站系统。

GitHub

212