Cross-Site Scripting Vulnerability in Subrion by Intelliants
CVE-2020-22330

6.1MEDIUM

Key Information:

Vendor

Intelliants

Status
Subrion
Vendor
CVE Published:
6 August 2021

What is CVE-2020-22330?

The Subrion CMS version 4.2.1 contains a Cross-Site Scripting (XSS) vulnerability that can be exploited through crafted page titles. This flaw allows attackers to inject malicious scripts into web pages, potentially compromising sensitive user information and impacting application integrity. Proper security measures should be implemented to mitigate this risk and protect user data against such vulnerabilities.

References

https://github.com/intelliants/subrion/issues/850
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.