74cmsSE v3.12.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
74cms 74cmsse 3.12.0 |
Vulmon