A cross-site scripting (XSS) vulnerability in the system bulletin component of WUZHI CMS v4.1.0 allows malicious users to steal the admin's cookie.
wuzhicms wuzhi cms 4.1.0