thinkphp-bjyblog is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function will terminate the script and print the message to the user which has $_SERVER['HTTP_HOST']. Author enferas commented Dec 9, 2021 Similar sinks that I can see ...