CVE-2019-13971 (NVD)
- Vulnerability Info (edit)OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request.
| Products | Otcms |
| Type |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) |
| First patch | - None (likely due to unavailable code) |
| Links | https://cisk123456.blogspot.com/2019/05/otcms-xss.html |
| Annotation |
Note: No patch was assigned yet. |