CVE-2020-25876

A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.
References
Link Resource
https://github.com/r0ck3t1973/xss_payload/issues/3 Exploit Issue Tracking Third Party Advisory
https://codoforum.com/ Product
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:codologic:codoforum:5.0.2:*:*:*:*:*:*:*

Information

Published : 2021-07-09 15:15

Updated : 2021-07-12 12:10


NVD link : CVE-2020-25876

Mitre link : CVE-2020-25876


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

codologic

  • codoforum