CVE-2020-18280
Phodal CMD v.1.0 is affected by a Cross Site Scripting vulnerability that allows a local attacker to execute arbitrary code via the EMBED SRC function. Affected component: Phodal CMD, version 1.0. Root cause: EMBED SRC function enables code execution through XSS. In the available documents, explo...