2 matches found
CVE-2020-23208
A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Send test" field under the "Start or continue campaign" module...
CVE-2020-23208
The CVE-2020-23208 entry concerns phplist 3.5.3 with a stored XSS vulnerability in the Send test payload field within the Start or continue campaign workflow. Exploitation would allow attackers to execute arbitrary web scripts/HTML in a victim’s browser when the payload is processed. The document...