Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the HTTP_Referer header of the caina.php component.Referenceshttps://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44818%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS3.md