CVE-2021-36712 Information

Description

Cross Site Scripting (XSS) vulnerability in yzmcms 6.1 allows attackers to steal user cookies via image clipping function.

Reference

http://yzmcms.com https://github.com/linuka-deception/yzmcms6.1.git