Stored XSS Vulnerability in UliCMS Product by UliCMS

CVE-2020-12704

What is CVE-2020-12704?

UliCMS versions prior to 2020.2 are susceptible to a stored Cross-Site Scripting (XSS) vulnerability in the PageController component. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising sensitive data and user interactions. Website administrators are advised to upgrade to the latest version to mitigate any associated risks.

References