2021-09-21 21:15:00 2021-09-29 18:14:00

Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php.

Vector

NETWORK

Complexity

MEDIUM

Authentication

SINGLE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Advisory Patch Confirmed Link
https://github.com/wuzhicms/wuzhicms/issues/179