CVE-2020-25915
Published
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login.
ThinkCMF是一款支持Swoole的开源内容管理框架,基于ThinkPHP开发,同时支持PHP-FPM和Swoole双模式,让WEB开发更快!
GitHub