An issue exists in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a form[qq_10]= substring.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wuzhicms wuzhi cms 4.1.0 |