| |
Vulnerability CVE-2020-27533
Published: 2020-10-22
| Description: |
A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages. |
See advisories in our WLB2 database: | Topic | Author | Date |
Low |
| Noth | 31.10.2020 |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
CVSS2 => (AV:N/AC:M/Au:S/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.5/10 |
2.9/10 |
6.8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://github.com/dedetech/issues/issues/16
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
