Denyorallow

#43670 of 53,633
6.1 CVSS total
Vulnerabilities · 1
PT-2018-15323
6.1
2018-12-22
Wst · Wstmart · CVE-2018-20367
**Name of the Vulnerable Software and Affected Versions**

WSTMart version 2.0.8 181212

**Description**

The issue concerns a stored XSS in the "mall some commodity details: commodity consultation" component. This occurs via the `consultContent` parameter, as demonstrated by the "/home/goodsconsult/add.html" API endpoint in the index.php file.

**Recommendations**

For WSTMart version 2.0.8 181212, consider restricting access to the `consultContent` parameter in the "/home/goodsconsult/add.html" API endpoint to minimize the risk of exploitation. Avoid using the `consultContent` parameter until the issue is resolved.