DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php.Referenceshttps://github.com/CP1379767017/cms/blob/dreamcms_vul/dedevCMS/dedeCMS_XSS.md
