Reflected Cross-Site Scripting Vulnerability in EyouCms by Eyou
CVE-2023-41597
6.1MEDIUM
What is CVE-2023-41597?
EyouCms version 1.6.2 is vulnerable to a reflected cross-site scripting (XSS) attack through the /admin/twitter.php?active_t component. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to session hijacking, redirecting users to malicious sites, or stealing sensitive information. Website administrators and users are urged to apply security patches and update their installations to mitigate the risks associated with this vulnerability.
