74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cms version v3.5.1 contains a cross-site scripting vulnerability, which originates from the path /index/jobfairol/show/ lack of data validation filtering for user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.