First published: Mon Jun 19 2023(Updated: )
A stored cross-site scripting (XSS) vulnerability in Eyoucms v1.6.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the web_recordnum parameter.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Eyoucms Eyoucms | =1.6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2023-34657.
The severity of CVE-2023-34657 is medium.
The affected software version is Eyoucms v1.6.2.
An attacker can exploit CVE-2023-34657 by injecting a crafted payload into the web_recordnum parameter to execute arbitrary web scripts or HTML.
Please refer to the referenced link for information on available fixes for CVE-2023-34657.