CVE-2018-18724

Name of the Vulnerable Software and Affected Versions YUNUCMS version 1.1.5

Description A cross-site scripting (XSS) issue was found in the "index.php/admin/category/editcategory?id=73" API endpoint. This issue affects the ability to securely manage categories.

Recommendations For YUNUCMS version 1.1.5, update to a newer version that contains a fix for this issue, if available. As a temporary workaround, consider restricting access to the "index.php/admin/category/editcategory?id=73" endpoint until a patch is available. Avoid using the id parameter in the affected endpoint until the issue is resolved.