Xycms
Monthly
system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do.php request, related to add_book.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do.php request, related to add_book.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.