Escape issues

Repositories
Issues
Comments

Results 2 issues of


                                            Escape

There is a remote code execution vulnerability

As we know Thinkphp5 had a remote code execution in low version , so we can exectue any code in ArticleCMS. ![5db77a10754479fc10eaaa044bbf785](https://user-images.githubusercontent.com/16176698/60561511-580df900-9d86-11e9-8637-17eb627967d7.png) need update the version

There is a stored xss vulnerability via ResourseController.java

the controller "Resourse" exist xss vulnerability ![image](https://user-images.githubusercontent.com/16176698/61020514-a9466a00-a3d0-11e9-9ad2-642ba235f806.png) ![02edb8db811e3d63ceca05066415eb8](https://user-images.githubusercontent.com/16176698/61020379-22918d00-a3d0-11e9-9349-a1e091822ae7.png) ![7116b31202784982d6fe3ae6cad330a](https://user-images.githubusercontent.com/16176698/61020384-23c2ba00-a3d0-11e9-9cba-b214a5d8a42e.png)