A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Comments section.
References
Link | Resource |
---|---|
https://github.com/yxcmf/ukcms/issues/6 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-12T14:49:19
Updated: 2021-08-12T14:49:19
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-20977
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-12T15:15:07.430
Modified: 2022-09-23T16:51:50.420
Link: CVE-2020-20977
JSON object: View
Redhat Information
No data.
CWE