CVE-2021-39428 Information

Description

Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic.

Reference

https://github.com/eyoucms/eyoucms/issues/14