Vulnerability CVE-2024-28725
Published: 2024-05-06

Description:
Cross Site Scripting (XSS) vulnerability in YzmCMS 7.0 allows attackers to run arbitrary code via Ads Management, Carousel Management, and System Settings.

 References:
https://github.com/asenzhenshuai/DongDong/blob/main/yzmcms-xss.pdf
https://github.com/asenzhenshuai/DongDong/issues/1
Copyright 2026, cxsecurity.com

 

Back to Top