Three storage XSS were found in wtcms

POC：

javascript:alert(document.cookie)

1.Click on the background article management and fill in the XSS code at the source of the article

Find the published article in the front desk and click on the link to trigger XSS

POC：

javascript:alert(document.cookie)

2.Click on the background menu management, fill in the XSS code at the link, and finally click save

Find the location where the XSS code is inserted in the foreground and click to trigger the XSS attack

POC：

javascript:alert(document.cookie)

3.Click on the background links, fill in the XSS code at the link address, and finally click Save

Find the link address at the bottom of the front desk and click to trigger XSS