2 matches found
CVE-2020-28124
Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...
CVE-2020-28124
CVE-2020-28124 describes a Cross-Site Scripting (XSS) vulnerability in LavaLite CMS 5.8.0 exploitable via the address field. The issue arises from insufficient input sanitization of the address field, enabling injected script content that could be reflected or stored depending on context (per sou...