DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
References
Link Resource
https://www.vulnerability-lab.com/get_content.php?id=2195 Exploit Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-10-22T19:20:01

Updated: 2021-10-22T19:20:01

Reserved: 2021-10-20T00:00:00


Link: CVE-2020-36491

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2021-10-22T20:15:11.323

Modified: 2021-10-28T00:56:40.000


Link: CVE-2020-36491

JSON object: View

cve-icon Redhat Information

No data.

CWE