CVE-2020-35240 in FluxBBinformación

Resumen

por MITRE • 2020-12-31

FluxBB 1.5.11 is affected by cross-site scripting (XSS in the Blog Content component. This vulnerability can allow an attacker to inject the XSS payload in &quot;Blog Content&quot; and each time any user will visit the blog, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgación

2020-12-31

Moderación

aceptado

Artículo

VDB-167059

CPE

listo

CWE

CWE-79 (confirmado)

CVSS

3.5 (VulDB)

EPSS

0.00517

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-35240
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-35240
CVE Details	https://www.cvedetails.com/cve/CVE-2020-35240/

◂ Anterior Visión De Conjunto Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!