2 matches found
CVE-2020-14014
An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS...
CVE-2020-14014
Navigate CMS versions 2.8 and 2.9 r1433 are vulnerable to reflected XSS via the fid query parameter in navigate.php due to insufficient validation/encoding. Documented across multiple feeds (NVD, Red Hat, CNVD, CNVD/PRION variants), confirming the root cause as unsanitized client input leading to...