Aaalking

**Name of the Vulnerable Software and Affected Versions** YzmCMS versions 6.5 through 7.0 **Description** The issue allows for XSS via the Referer HTTP header in the member/index/register.html page. **Recommendations** For YzmCMS versions 6.5 through 7.0, consider restricting access to the member/index/register.html page until a patch is available. As a temporary workaround, avoid using the Referer HTTP header in this context to minimize the risk of exploitation.