CVE-2024-52680 — EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&... | CVE Daily

Medium CVSS 6.1

Overview

EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn.

CWE: CWE-79 Published: 2025-08-07T14:15:40.820

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.1 (MEDIUM)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags

Cross-site Scripting (XSS)