CVE-2023-46394

A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt