CVE-2024-35110
CVE-2024-35110
A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →