First published: Fri Jan 20 2023(Updated: )
EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Eyoucms Eyoucms | <=1.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-45539.
CVE-2022-45539 has a severity level of medium (6.1).
CVE-2022-45539 affects EyouCMS versions up to and including 1.6.0.
The CWE ID for CVE-2022-45539 is 79 (Improper Neutralization of Input During Web Page Generation).
You can find more information about CVE-2022-45539 at the following reference link: [Reference](https://github.com/weng-xianhu/eyoucms/issues/38)