CVE-2023-49494

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.111

Description A reflective cross-site scripting (XSS) issue was discovered in DedeCMS via the component select media post wangEditor.php. This allows for potential XSS attacks.

Recommendations For DedeCMS version 5.7.111, as a temporary workaround, consider disabling the select media post wangEditor.php component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.