An issue was discovered in PHPMyWind 5.5. The method parameter of the data/api/oauth/connect.php page has a reflected Cross-site Scripting (XSS) vulnerability.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7661
Reference (s):
- https://github.com/0xUhaw/CVE-Bins/tree/master/PHPMyWind/XSS-1