Medium severity6.1NVD Advisory· Published Jun 22, 2021· Updated Jun 17, 2026
CVE-2020-18654
CVE-2020-18654
Description
Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the "Title" parameter in the component "/coreframe/app/guestbook/myissue.php".
Affected products
2- Wuzhi/CMSdescription
Patches
Vulnerability mechanics
References
1- github.com/wuzhicms/wuzhicms/issues/174nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.