Security Advisory

CVE-2020-18084

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-30 20:37:38

Last updated 2024-08-04 14:00:48

Assigner mitre

State PUBLISHED

Description

Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in.

← Browse all CVEs View on cve.org ↗