CVE-2020-20640
The CVE-2020-20640 entry describes a Cross Site Scripting (XSS) vulnerability in ECShop 4.0, triggered via the user.php file by bypassing the safety.php security policy through HTML entity encoding. The issue arises from security filtering gaps, enabling XSS (no full details on exploitation metho...