Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows malicious users to run arbitrary code via the callback parameter to /ajax/myshop.
hongcms project hongcms 3.0.0