In WonderCMS 2.3.1, the application's input fields accept arbitrary user input resulting in execution of malicious JavaScript. NOTE: the vendor disputes this issue stating that this is a feature that enables only a logged in administrator to write execute JavaScript anywhere on their website
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wondercms wondercms 2.3.1 |