There are some XSS vulnerabilities in FeehiCMS-2.1.1

There is a stored XSS vulnerability in the background of FeehiCMS.

First register a user for testing, then go to Content -> Single Page, upload any picture in the comment box.
![image](https://user-images.githubusercontent.com/79785761/192670164-1e19a62d-5386-4f22-b5d7-472d772fc12b.png)


Then send a comment, capture the odd packet while sending the Forward, change the value of SRC under the

tag in the packet to: 'x' [onerror='alert(1)', and send the message.
![image](https://user-images.githubusercontent.com/79785761/192670190-e2772b31-075a-4886-bb08-7f655403e1fa.png)


Refresh the page, and pop-up windows will appear on the current page and the home page.
![image](https://user-images.githubusercontent.com/79785761/192670208-25192135-79f8-4c47-8fc4-9aa6a363270f.png)

![image](https://user-images.githubusercontent.com/79785761/192670221-f1922ef4-c406-487b-90ee-101850cab0c4.png)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

There are some XSS vulnerabilities in FeehiCMS-2.1.1 #69

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

There are some XSS vulnerabilities in FeehiCMS-2.1.1 #69

Description

Activity

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions