Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-15274
HistoryOct 26, 2020 - 7:15 p.m.

CVE-2020-15274

2020-10-2619:15:12
Google
osv.dev
5
wiki.js
xss
vulnerability
fix
search results

AI Score

6

Confidence

High

EPSS

0.001

Percentile

25.8%

JSON

In Wiki.js before version 2.5.162, an XSS payload can be injected in a page title and executed via the search results. While the title is properly escaped in both the navigation links and the actual page title, it is not the case in the search results. Commit a57d9af34c15adbf460dde6553d964efddf433de fixes this vulnerability (version 2.5.162) by properly escaping the text content displayed in the search results.

Related

cve 1
cvelist 1
prion 1
nvd 1
cve
cve
CVE-2020-15274
2020-10-26 19:15:12
cvelist
cvelist
CVE-2020-15274 Stored XSS via search result in Wiki.js
2020-10-26 18:35:19
prion
prion
Cross site scripting
2020-10-26 19:15:00
nvd
nvd
CVE-2020-15274
2020-10-26 19:15:12

AI Score

6

Confidence

High

EPSS

0.001

Percentile

25.8%

JSON
Related for OSV:CVE-2020-15274
cve1cvelist1prion1nvd1