CVE-2020-23048

SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the component AddEvent.php via the name and comment parameters.
References
Link Resource
https://www.vulnerability-lab.com/get_content.php?id=2209 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:seeddms:seeddms:4.3.37:*:*:*:*:*:*:*
cpe:2.3:a:seeddms:seeddms:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:seeddms:seeddms:5.1.14:*:*:*:*:*:*:*
cpe:2.3:a:seeddms:seeddms:5.1.16:*:*:*:*:*:*:*
cpe:2.3:a:seeddms:seeddms:5.1.18:*:*:*:*:*:*:*
cpe:2.3:a:seeddms:seeddms:6.0.7:-:*:*:*:*:*:*

Information

Published : 2021-10-22 13:15

Updated : 2021-10-27 11:58


NVD link : CVE-2020-23048

Mitre link : CVE-2020-23048


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

seeddms

  • seeddms