CVE-2022-38527 Information

Description

UCMS v1.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page.

Reference

https://github.com/Zoe0427/UCMS-v1.6/blob/gh-pages/UCMS_v1.6.0%20XSS.md