MidnightBSD

Advisories for yiicms_project

CVE-2020-21246

Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function.

Products Affected

Vendor Product Version
yiicms_project yiicms 1.0