Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl (96502)%27bad=", it can cause html injection.
No PoCs from references.
- https://github.com/20142995/nuclei-templates
- https://github.com/Sharpforce/cybersecurity
- https://github.com/cyb3r-w0lf/nuclei-template-collection