This article is a part of our Vulnerability Database (back to index)
Cross-site Scripting occurrences in Yzmcms
A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML. (2021-09-23, CVE-2020-19950)
A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML. (2021-09-23, CVE-2020-19949)
Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the site_code parameter in admin/index/init.html. (2021-07-30, CVE-2020-19118)
A storage XSS vulnerability is found in YzmCMS v5.8, which can be used by attackers to inject JS code and attack malicious XSS on the /admin/system_manage/user_config_edit.html page. (2021-06-03, CVE-2020-35971)
In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected with arbitrary web script or HTML. (2021-05-10, CVE-2020-23370)
In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3. (2021-05-10, CVE-2020-23369)
Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in. (2021-04-30, CVE-2020-18084)
In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability. (2020-11-19, CVE-2020-22394)
YzmCMS 5.1 has XSS via the admin/system_manage/user_config_add.html title parameter. (2019-06-20, CVE-2018-16247)
Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catname" parameter. (2019-03-11, CVE-2019-9660)
Stored XSS exists in YzmCMS 5.2 via the admin/system_manage/user_config_edit.html "value" parameter, (2019-03-11, CVE-2019-9661)
An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom text field to the admin/system_manage/save.html URI, related to the site_code parameter. (2019-03-05, CVE-2019-9570)
An issue was discovered in YzmCMS 5.2. XSS exists via the admin/content/search.html searinfo parameter. (2018-12-04, CVE-2018-19849)
An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie. (2018-11-07, CVE-2018-19092)
In YzmCMS 5.1, stored XSS exists via the admin/system_manage/user_config_add.html title parameter. (2018-09-14, CVE-2018-17044)
The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php. (2018-04-11, CVE-2018-10026)
YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html. (2018-03-13, CVE-2018-8078)
In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter. (2018-03-04, CVE-2018-7653)
Why Cross-site Scripting can be dangerous
Cross site scripting is an attack where a web page executes code that is injected by an adversary. It usually appears, when users input is presented. This attack can be used to impersonate a user, take over control of the session, or even steal API keys.
The attack can be executed e.g. when you application injects the request parameter directly into the HTML code of the page returned to the user:
https://server.com/confirmation?message=Transaction+Complete
what results in:
<span>Confirmation: Transaction Complete</span>
In that case the message can be modified to become a valid Javascript code, e.g.:
https://server.com/confirmation?message=<script>dangerous javascript code here</script>
and it will be executed locally by the user's browser with full access to the user's personal application/browser data:
<span>Confirmation: <script>dangerous javascript code here</script></span>