CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25140

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur in pages/contacts.inc.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.4%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://docs.observium.org/changelog/
https://docs.observium.org/changelog/

Products affected by CVE-2020-25140

Observium » Observium » Version: 20.8.10631

cpe:2.3:a:observium:observium:20.8.10631

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25140

Products

Pricing

Contact Us