CVE-2022-3992
Cross-Site Scripting in WonderCMS
Description: A cross-site scripting (XSS) vulnerability in Sanitization Management System v1.0 allows potential attackers to upload arbitrary files via a crafted name into the system logo Fields of the System Info Fields. The cookie has no HttpOnly Flag this could be used to steal the cookies of logged-in users. How To Reproduce: