noneCMS 1.3.0 admin/nav/add.html name 跨网站脚本

条目编辑历史差异jsonxmlCTI

字段2021-05-11 08時27分2021-05-13 10時03分
namenoneCMSnoneCMS
version1.3.01.3.0
fileadmin/nav/add.htmladmin/nav/add.html
argumentnamename
cwe79 (跨网站脚本)79 (跨网站脚本)
risk11
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
urlhttps://github.com/nangge/noneCms/issues/33https://github.com/nangge/noneCms/issues/33
cveCVE-2020-23373CVE-2020-23373
date1620684000 (2021-05-11)1620684000 (2021-05-11)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss2_vuldb_basescore4.04.0
cvss2_vuldb_tempscore4.04.0
cvss3_vuldb_basescore3.53.5
cvss3_vuldb_tempscore3.53.5
cvss3_meta_basescore3.53.5
cvss3_meta_tempscore3.53.5
price_0day$0-$5k$0-$5k
cve_assigned1597269600
cve_nvd_summaryCross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.

Might our Artificial Intelligence support you?

Check our Alexa App!