3 matches found
CVE-2020-19962
A stored cross-site scripting XSS vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts...
CVE-2020-19962
CVE-2020-19962: A stored XSS in the getClientIp function of /lib/tinwin.class.php in Chaoji CMS 2.39. The vulnerability allows attackers to execute arbitrary web scripts. Severity rated MEDIUM (CVSSv3.1 5.4; Cvss2 3.5). No exploitation details or fixes are provided in the connected documents. No ...