CVE-2020-21228

Name of the Vulnerable Software and Affected Versions: JIZHICMS version 1.5.1

Description: The issue is related to a cross-site scripting (XSS) vulnerability in the /user/release.html component, which allows attackers to arbitrarily add an administrator cookie. This could potentially lead to unauthorized access and control of the system.

Recommendations: For JIZHICMS version 1.5.1, consider disabling access to the /user/release.html component until a patch is available to prevent exploitation of the XSS vulnerability. Restricting the ability to add administrator cookies can help minimize the risk of unauthorized system control.