Yohane-Nlm

**Name of the Vulnerable Software and Affected Versions** jizhicms version 2.5.1 **Description** The issue is related to a Cross-Site Scripting (XSS) vulnerability in the message function. This vulnerability allows for the injection of malicious scripts. To prevent exploitation, it is recommended to sanitize user input before output. **Recommendations** For jizhicms version 2.5.1, update to a patched version if available. As a temporary workaround, consider sanitizing user input in the message function to prevent the injection of malicious scripts.