Lucene search
China National Vulnerability DatabaseCNVD-2023-64279HistoryAug 15, 2023 - 12:00 a.m.
LeptonCMS Cross-Site Scripting Vulnerability (CNVD-2023-64279)
2023-08-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
leptoncms
cross-site scripting
vulnerability
user-supplied data
exploited
EPSS
0.001
Percentile
40.6%
LeptonCMS is a content management system (CMS). A cross-site scripting vulnerability exists in LeptonCMS version 4.7.0, which stems from the lack of effective filtering and escaping of user-supplied data in the backend/pages/modify.php file, which can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload.
Related
cvelist
cvelist
CVE-2020-24872
2023-08-11 00:00:00
cve
cve
CVE-2020-24872
2023-08-11 14:15:10
nvd
nvd
CVE-2020-24872
2023-08-11 14:15:10
prion
prion
Cross site scripting
2023-08-11 14:15:00