Vulnerability Details CVE-2020-21643
Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.3%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2020-21643
-
cpe:2.3:a:hongcms_project:hongcms:3.0.0