Cross-Site Scripting Vulnerability in PbootCMS by PbootCMS Developers
CVE-2020-20363

4.8MEDIUM

Key Information:

Vendor

Pbootcms

Status
Pbootcms
Vendor
CVE Published:
8 July 2021

What is CVE-2020-20363?

A Cross-Site Scripting (XSS) vulnerability has been identified in PbootCMS version 2.0.3, specifically affecting the admin.php file. This vulnerability allows attackers to inject malicious scripts into web pages viewed by users, which may lead to unauthorized access to sensitive information, session hijacking, and other security breaches. Users of the affected version are advised to implement necessary updates or patches to safeguard their web applications.

References

http://pbootcms.com
x_refsource_MISC
https://github.com/hnaoyun/PbootCMS
x_refsource_MISC
https://github.com/wind226/CVE/issues/1
x_refsource_MISC

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.