Lucene search
PRIOn knowledge basePRION:CVE-2020-25102HistorySep 03, 2020 - 5:15 p.m.
Cross site scripting
2020-09-0317:15:00
PRIOn knowledge base
www.prio-n.com
2
0.001 Low
EPSS
Percentile
32.7%
silverstripe-advancedreports (aka the Advanced Reports module for SilverStripe) 1.0 through 2.0 is vulnerable to Cross-Site Scripting (XSS) because it is possible to inject and store malicious JavaScript code. The affects admin/advanced-reports/DataObjectReport/EditForm/field/DataObjectReport/item (aka report preview) when an SVG document is provided in the Description parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| advanced_reports | ge | 1.0 | |
| advanced_reports | le | 2.0 |
Related
veracode
veracode
Cross-Site Scripting (XSS)
2020-09-04 06:51:36
osv
osv
silverstripe-advancedreports vulnerable to XSS
2022-05-24 17:27:21
cvelist
cvelist
CVE-2020-25102
2020-09-03 16:35:21
nvd
nvd
CVE-2020-25102
2020-09-03 17:15:11
cve
cve
CVE-2020-25102
2020-09-03 17:15:11
github
github
silverstripe-advancedreports vulnerable to XSS
2022-05-24 17:27:21