CVE-2020-24390

eonweb in EyesOfNetwork before 5.3-7 does not properly escape the username on the /module/admin_logs page, which might allow pre-authentication stored XSS during login/logout logs recording.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:eyesofnetwork:eyesofnetwork:*:*:*:*:*:*:*:*

Information

Published : 2020-08-27 09:15

Updated : 2020-09-02 09:57


NVD link : CVE-2020-24390

Mitre link : CVE-2020-24390


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

eyesofnetwork

  • eyesofnetwork