CVE-2024-35110

Published
View on NVD ↗
CVSS v3
5.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker.

yzmcms/yzmcms
yzmcms/yzmcms
YzmCMS是一款基于YZMPHP开发的一套轻量级开源内容管理系统,YzmCMS简洁、安全、开源、实用,可运行在Linux、Windows、MacOSX、Solaris等各种平台上,专注为公司企业、个人站长快速建站提供解决方案。
GitHubGitHub
292