CVE-2024-28725 Information

May 08, 2024 cve

Description

Cross Site Scripting (XSS) vulnerability in YzmCMS 7.0 allows attackers to run arbitrary code via Ads Management Carousel Management and System Settings.

Reference

https://github.com/asenzhenshuai/DongDong/blob/main/yzmcms-xss.pdf https://github.com/asenzhenshuai/DongDong/issues/1

Share on: