CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24291
https://notcve.org/view.php?id=CVE-2024-24291
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL. Un problema en el componente /member/index/login de yzmcms v7.0 permite a los atacantes dirigir a los usuarios a sitios maliciosos a través de una URL manipulada. • https://gitee.com/wgd0ay/wgd0ay/issues/I8WSD1 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-52274
https://notcve.org/view.php?id=CVE-2023-52274
member/index/register.html in YzmCMS 6.5 through 7.0 allows XSS via the Referer HTTP header. member/index/register.html en YzmCMS 6.5 a 7.0 permite XSS a través del encabezado HTTP Referer. • https://github.com/yzmcms/yzmcms/issues/65 https://github.com/yzmcms/yzmcms/tags • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •