3 matches found
CVE-2020-25915
Cross Site Scripting XSS vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted userlogin...
CVE-2020-25915
Cross Site Scripting XSS vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted userlogin...
CVE-2020-25915
ThinkCMF 5.1.5 has a Cross-Site Scripting (XSS) vulnerability in UserController.php (CVE-2020-25915). Exploitation via crafted user_login could allow arbitrary code execution on affected systems. The issue is described consistently across NVD/Red Hat/CNVD/OSV entries and related advisories. No co...