CVE-2020-15006 - OpenCVE

Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php.

No CVSS v3.0

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors	Products
Bludit	Bludit

Configuration 1 [-]

cpe:2.3:a:bludit:bludit:3.12.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/bludit/bludit/issues/1212	Exploit Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-24T10:41:54

Updated: 2020-06-24T10:41:54

Reserved: 2020-06-24T00:00:00

Link: CVE-2020-15006

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-24T11:15:11.980

Modified: 2020-07-02T19:29:00.253

Link: CVE-2020-15006

JSON object: View

Redhat Information

No data.

CWE