Arbitrary JavaScript Execution Vulnerability in WonderCMS 2.3.1
CVE-2017-14522 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
In WonderCMS 2.3.1, the application's input fields accept arbitrary user input resulting in execution of malicious JavaScript. NOTE: the vendor disputes this issue stating that this is a feature that enables only a logged in administrator to write execute JavaScript anywhere on their website
Learn more about our Web App Pen Testing.