The vulnerability of the media_main.php component in the DedeCMS content management system, related to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.

The vulnerability of the mediamain.php component in the DedeCMS content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

CVE-2020-36493

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component mediamain.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...