Lucene search
GoogleOSV:CVE-2020-25877HistoryJul 09, 2021 - 10:15 p.m.
CVE-2020-25877
2021-07-0922:15:08
Google
osv.dev
1
A stored cross site scripting (XSS) vulnerability in the ‘Add Page’ feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the ‘Title’ parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| blackcatcms | eq | 1.2 | |
| blackcatcms | eq | 1.2.2 | |
| blackcatcms | eq | 1.0.1 | |
| blackcatcms | eq | 1.0.3 | |
| blackcatcms | eq | 1.1 | |
| blackcatcms | eq | 1.3.2 | |
| blackcatcms | eq | 1.2.1 | |
| blackcatcms | eq | 1.3.6 | |
| blackcatcms | eq | 1.3.3 | |
| blackcatcms | eq | delete |
Related
cvelist
cvelist
CVE-2020-25877
2021-07-09 21:56:00
cve
cve
CVE-2020-25877
2021-07-09 22:15:08
nvd
nvd
CVE-2020-25877
2021-07-09 22:15:08
prion
prion
Cross site scripting
2021-07-09 22:15:00