WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.
wtcms project wtcms 1.0