CVE-2026-3741
Received Received - Intake
Remote Cross-Site Scripting in YiFang CMS update Function

Publication date: 2026-03-08

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/D_friendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-08
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-08
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3741
EUVD
EUVD-2026-10244
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
yifangcms yifang 2.0.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-3741 is a stored Cross-Site Scripting (XSS) vulnerability found in YiFang CMS version 2.0.5. It exists in the update function of the file app/db/admin/D_friendLink.php, specifically in the handling of the user-controllable parameter "linkName."'}, {'type': 'paragraph', 'content': 'The vulnerability arises because the linkName input is taken directly from user input and stored in the database without any filtering or sanitization. This allows an attacker to inject malicious JavaScript code into the linkName parameter.'}, {'type': 'paragraph', 'content': 'When users access the friend links feature, the stored malicious script executes in their browsers, leading to cross-site scripting attacks. The attack can be performed remotely and requires some user interaction.'}] [1, 2, 3]

Impact Analysis

This vulnerability allows remote attackers to inject and execute arbitrary JavaScript code in the browsers of users who access the affected friend links feature in YiFang CMS.

The impact includes potential compromise of data integrity and user session hijacking, as malicious scripts can manipulate or steal sensitive information from users.

Because the malicious code is stored persistently in the database, every user who views the affected page may be exposed to the attack.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by identifying instances of the vulnerable YiFang CMS 2.0.5, specifically targeting the presence of the file app/db/admin/D_friendLink.php and the associated update function handling the linkName parameter.

One practical method to detect vulnerable targets is to use Google dorking with the query: inurl:app/db/admin/D_friendLink.php to find exposed endpoints.

Additionally, testing for the vulnerability can involve sending crafted POST requests to the /admin/friendLink interface with malicious payloads in the linkName parameter to check if the input is stored and executed, indicating the presence of the stored XSS.

  • Use Google dork: inurl:app/db/admin/D_friendLink.php
  • Send a POST request to /admin/friendLink?callback=ajaxRs with a payload like linkName=<svg onload=alert(1)> and observe if the script executes when accessing the friend links.
Mitigation Strategies

No known mitigations or countermeasures have been published for this vulnerability.

It is suggested to consider replacing the affected component with an alternative product to avoid exposure.

As an immediate step, restrict access to the vulnerable admin interface and monitor for suspicious input or activity related to the linkName parameter.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3741. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart