thinkcmf/thinkcmf is vulnerable to cross-site scripting.The vulnerability exists in multiple functions due to insufficient sanitization of the slideshow management section which allows an attacker to inject and execute malicious JavaScript into the system.
CPE | Name | Operator | Version |
---|---|---|---|
thinkcmf/thinkcmf | le | v6.0.7 | |
thinkcmf/thinkcmf | le | v6.0.7 |