Vulnerability Details CVE-2020-27388
Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.3%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2020-27388
-
cpe:2.3:a:yourls:yourls:1.5
-
cpe:2.3:a:yourls:yourls:1.5.1
-
cpe:2.3:a:yourls:yourls:1.6
-
cpe:2.3:a:yourls:yourls:1.7
-
cpe:2.3:a:yourls:yourls:1.7.1
-
cpe:2.3:a:yourls:yourls:1.7.2
-
cpe:2.3:a:yourls:yourls:1.7.3
-
cpe:2.3:a:yourls:yourls:1.7.4
-
cpe:2.3:a:yourls:yourls:1.7.5
-
cpe:2.3:a:yourls:yourls:1.7.6
-
cpe:2.3:a:yourls:yourls:1.7.9