Vulnerability Details CVE-2020-21101
Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versions, including v1.8.2 (2019-09-25-Screenly-OSE-lite.img), in the 'Add Asset' page via manipulation of a 'URL' field, which could let a remote malicious user execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.2%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2020-21101
-
cpe:2.3:a:screenly:screenly:0.10
-
cpe:2.3:a:screenly:screenly:0.11
-
cpe:2.3:a:screenly:screenly:0.12
-
cpe:2.3:a:screenly:screenly:0.12.1
-
cpe:2.3:a:screenly:screenly:0.13
-
cpe:2.3:a:screenly:screenly:0.14
-
cpe:2.3:a:screenly:screenly:0.15
-
cpe:2.3:a:screenly:screenly:0.15.1
-
cpe:2.3:a:screenly:screenly:0.16
-
cpe:2.3:a:screenly:screenly:0.17
-
cpe:2.3:a:screenly:screenly:0.18
-
cpe:2.3:a:screenly:screenly:0.18.1
-
cpe:2.3:a:screenly:screenly:0.18.2
-
cpe:2.3:a:screenly:screenly:0.9
-
cpe:2.3:a:screenly:screenly:0.9.1