CVE-2022-40002 Information

Description

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.

Reference

https://github.com/liufee/cms/issues/66