Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook request.
References
Link | Resource |
---|---|
https://github.com/QQ704568679/YXcms-Code-audit/blob/master/Yxcms%20Code%20audit | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-03-20T05:00:00
Updated: 2018-03-20T05:57:01
Reserved: 2018-03-19T00:00:00
Link: CVE-2018-8805
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-20T05:29:00.287
Modified: 2018-04-13T16:47:31.353
Link: CVE-2018-8805
JSON object: View
Redhat Information
No data.
CWE