CVE-2020-15183
CVE-2020-15183 affects SoyCMS 3.0.2 and earlier. The root cause is a Reflected XSS leading to Remote Code Execution due to insecure elFinder configuration that enables Unrestricted File Upload. This can allow an attacker to coerce the administrator into executing actions on a crafted page, potent...