Gougucms: >> Gougucms >> 4.08.18 Security Vulnerabilities
gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-10-27
A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-27