CVE-2022-41472
- Reference to the description:
- Description:
- 74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
- Last updated date:
- 10/29/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/19/2022
- Reference url to background
https://github.com/xxhzz1/74cmsSE-Storage-cross-site-scripting-vulnerability/issues/1