CVE-2024-48239

Published
View on NVD ↗
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS).

taosir/wtcms
taosir/wtcms
基于thinkphp的内容管理系统,可快速搭建个人博客、公司学校官网、新闻类站点。
GitHubGitHub
113