LinZhaoguan pb-cms Classification Management Page cross site scripting

A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Classification Management Page. The manipulation of the argument Classification name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

pb-cms 代码注入漏洞

pb-cms（瀑布内容管理系统）是LinZhaoguan个人开发者的一个内容管理系统。 pb-cms 2.0版本存在代码注入漏洞，该漏洞源于对参数Classification name的错误操作会导致跨站脚本。

N/A

N/A