3 matches found
CVE-2020-13869
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest name...
CVE-2020-13869
The CVE-2020-13869 issue affects the Craft CMS Comments plugin prior to version 1.5.6. It enables stored XSS via the guest name field, due to insufficient input sanitization (as corroborated by multiple sources). Impact: attacker-supplied guest name can inject scripts and run in a user’s browser....
Command Execution Vulnerability in Blue Route Blog System (CNVD-2020-13869)
The Blue Route blog system is a user multi-user collaborative writing blog system. A command execution vulnerability exists in the Blue Route Blog System that can be exploited by an attacker to gain control of a web server...