2 matches found
CVE-2020-18022
CVE-2020-18022 affects Qibosoft QiboCMS v7 and earlier via a flaw in the embedded editor component (ewebeditor 3.1.1 / kindeditor.js). The vulnerability allows remote attackers to inject commands through HTTP requests, enabling Cross Site Scripting (XSS) that can lead to arbitrary code execution ...
CVE-2020-18022
Cross Site Scripting XSS in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component...