Stored XSS in Comments Plugin for Craft CMS

CVE-2020-13869

What is CVE-2020-13869?

A stored XSS vulnerability exists in the Comments plugin for Craft CMS, allowing attackers to inject malicious scripts via guest names. This could lead to unauthorized actions being executed by users accessing the compromised comments, potentially compromising user data and site integrity.

References