3 matches found
CVE-2019-20377
TopList before 2019-09-03 allows XSS via a title...
CVE-2019-20377
TopList before 2019-09-03 allows XSS via a title...
CVE-2019-20377
CVE-2019-20377 affects TopList (Go-based content aggregator). The connected documents indicate a Cross-Site Scripting (XSS) flaw exploitable via the page title in TopList prior to 2019-09-03. Root cause noted in CNVD-2020-14075 as lack of proper validation of client-side data, leading to injectio...