2 matches found
CVE-2019-9595
AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter...
CVE-2019-9595
CVE-2019-9595 affects AppCMS 2.0.101 and enables cross-site scripting via the upload/callback.php parameters. The vulnerability is a client-visible XSS in a parameter passed to the upload/callback.php endpoint. NVD reports CVSS v2 base score 4.3 (MEDIUM) with network access, and CVSS v3 base scor...