Medium severity4.8NVD Advisory· Published Apr 11, 2018· Updated Jun 17, 2026
CVE-2018-10026
CVE-2018-10026
Description
The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/SukaraLin/Drops/blob/master/YZMCMSxss.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.