andrzuk/FineCMS before 2017-05-26 is vulnerable to a reflected XSS in sitename

There is a xss vulnerable
 in Finecms adminpage  when user inputr site name as <svg/onload=alert('sitenamexss')>

the xss vulnerable  in all page


暂无评论

发布评论