Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows malicious users to execute arbitrary code via crafted user_login.
thinkcmf thinkcmf 5.1.5