Headline
GHSA-gqr4-cvf4-3957: YiiCMS Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in YiiCMS v.1.2.0 and prior allows a remote attacker to execute arbitrary code via the news function. A fix is available at commit 4a9d68564eb78d9f64e3f5dd77186a154093615b.
YiiCMS Cross Site Scripting vulnerability
Moderate severity GitHub Reviewed Published Jun 20, 2023 to the GitHub Advisory Database • Updated Jun 21, 2023
Related news
CVE-2020-21246: Cross-Site Scripting (XSS) · Issue #6 · yongshengli/yiicms
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function.