CVE-2024-28725

Name of the Vulnerable Software and Affected Versions YzmCMS version 7.0

Description The issue allows attackers to run arbitrary code via Ads Management, Carousel Management, and System Settings. This is a Cross Site Scripting (XSS) issue.

Recommendations For YzmCMS version 7.0, update to a version that includes a fix for this issue, as no specific workaround is provided in the available information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.