CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-20982

Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.36

EPSS Ranking 96.9%

CVSS Severity

CVSS v3 Score 9.6

CVSS v2 Score 6.8

References

https://github.com/shadoweb/wdja/issues/1
https://github.com/shadoweb/wdja/issues/1

Products affected by CVE-2020-20982

Wdja » Wdja Cms » Version: 1.5.1

cpe:2.3:a:wdja:wdja_cms:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-20982

Products

Pricing

Contact Us