CVE-2024-39174 Information

Description

A cross-site scripting (XSS) vulnerability in the Publish Article function of yzmcms v7.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a published article.

Reference

https://github.com/0x1ang/cvepbulic/issues/1