CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-18699

Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code by entering scripts in the the 'Username' parameter of the in component 'app/api/cms/user.py'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/TaleLin/lin-cms-flask/issues/28
https://github.com/TaleLin/lin-cms-flask/issues/28

Products affected by CVE-2020-18699

Talelin » Lin-Cms-Flask » Version: 0.1.1

cpe:2.3:a:talelin:lin-cms-flask:0.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-18699

Products

Pricing

Contact Us