Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote malicious user to execute arbitrary code via the typeid parameter in the makehtml_list_action.php component.