First published: Fri Jan 20 2023(Updated: )
EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Eyoucms Eyoucms | <=1.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-45540.
The severity level of CVE-2022-45540 is medium.
EyouCMS versions up to and including 1.6.0 are affected by CVE-2022-45540.
CVE-2022-45540 allows for reflected-XSS attacks if the POST value "name" contains a malformed UTF-8 character.
To fix CVE-2022-45540, it is recommended to update to a version of EyouCMS that is higher than 1.6.0.