### OFCMS background role management storage type XSS
#### Vulnerability Introduction
OFCMS is a content management system based on Java technology. Functions: column template customization, content model customization, multiple site management, online template page editing and other functions. The code is completely open source, MIT license agreement.
#### Vulnerability impact
- < v1.1.3
#### Vulnerability recurrence
1. Login to the background
2. Open the role management, fill in the payload, as shown in the figure

Save, refresh, trigger XSS

暂无评论