Lucene search
Veracode Vulnerability DatabaseVERACODE:25072HistoryApr 27, 2020 - 9:30 a.m.
Cross-site Scripting (XSS)
2020-04-2709:30:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
21.6%
Croogo is vulnerable to cross-site scripting (XSS). The attacker can inject malicious script in the title parameter of admin/menus/menus or admin/taxonomy/vocabularies, causing the malicious script to be executed when a user visits the page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| croogo/croogo | le | 3.0.6 |
Related
osv
osv
Croos-site scripting in Croogo
2021-06-22 15:23:21
CVE-2019-20789
2020-04-26 17:15:11
cve
cve
CVE-2019-20789
2020-04-26 17:15:11
prion
prion
Cross site scripting
2020-04-26 17:15:00
github
github
Croos-site scripting in Croogo
2021-06-22 15:23:21
cvelist
cvelist
CVE-2019-20789
2020-04-26 16:06:57
nvd
nvd
CVE-2019-20789
2020-04-26 17:15:11