CVE-2018-17425

Name of the Vulnerable Software and Affected Versions WUZHI CMS version 4.1.0

Description The issue is related to stored XSS, which occurs via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI. This allows for potential malicious script execution.

Recommendations For WUZHI CMS version 4.1.0, update the software to a version that includes a fix for this issue, or consider implementing input validation and sanitization for the "detailed description" field to prevent XSS attacks. As a temporary workaround, consider restricting access to the "Membership Center" feature until a patch is available.