gaoming13/wechat-php-sdk is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in serve()
function in ‘Wechat.php’, allowing an attacker to inject and execute malicious script.
CPE | Name | Operator | Version |
---|---|---|---|
gaoming13/wechat-php-sdk | le | v1.10.2 | |
gaoming13/wechat-php-sdk | le | v1.10.2 |