CVE-2022-28522

CVE-2022-28522

EPSS 0.6%

ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/jorycn/thinkphp-zcms/issues/5 https://github.com/zhendezuile/bug_report/blob/main/zcms