XSS Vulnerability in FineCms 5.0.11's OAuth Function with Internet Explorer Referer Header

XSS Vulnerability in FineCms 5.0.11's OAuth Function with Internet Explorer Referer Header

CVE-2017-14193 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.

Learn more about our Api Penetration Testing.