CVE-2017-14522

Published: Jan 26, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In WonderCMS 2.3.1, the application's input fields accept arbitrary user input resulting in execution of malicious JavaScript. NOTE: the vendor disputes this issue stating that this is a feature that enables only a logged in administrator to write execute JavaScript anywhere on their website

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://securitywarrior9.blogspot.in/2018/01/stored-xss-in-wonder-cms.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-14522

Description

Affected Products

References