20Tem
CVE-2024-6941 | ThinkSAAS 3.7.0 app/system/action/do.php cross site scripting (Issue 36)
A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. This issue affects some unknown processing of the file app/system/action/do.php. The manipulation of the argument site_title/site_subtitle/site_key/site_desc/site_url/site_email/site_icp leads to cross site scripting. The identification of this vulnerability is CVE-2024-6941. The attack may be initiated remotely. Furthermore, there is an exploit available.