There are some XSS vulnerabilities in FeehiCMS-2.1.1

[Zzr7x]

There is a stored XSS vulnerability in the background of FeehiCMS.

First register a user for testing, then go to Content -> Single Page, upload any picture in the comment box.

Then send a comment, capture the odd packet while sending the Forward, change the value of SRC under the

tag in the packet to: 'x' [onerror='alert(1)', and send the message.

Refresh the page, and pop-up windows will appear on the current page and the home page.