2 matches found
CVE-2020-36492
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component selectmedia.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...
CVE-2020-36492
DedeCMS v7.5 SP2 is affected by multiple cross-site scripting (XSS) vulnerabilities in the select_media.php component. The issues are triggered via the parameters activepath, keyword, tag, fmdo=x&filename, CKEditor, and CKEditorFuncNum. The connected records confirm DedeCMS as the vendor/product ...