CVE-2023-51252 Information

Description

PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided pdf files and html files containing malicious code are uploaded an XSS popup window is realized through online viewing.

Reference

https://github.com/sanluan/PublicCMS/issues/79