A vulnerability exists in WUZHI CMS 4.1.0. There is persistent XSS that allows remote malicious users to inject arbitrary web script or HTML via the tag[pinyin] parameter to the /index.php?m=tags&f=index&v=add URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wuzhicms wuzhi cms 4.1.0 |