Vulnerability Details CVE-2020-27741
Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-27741
-
cpe:2.3:a:citadel:webcit:-
-
cpe:2.3:a:citadel:webcit:7.10
-
cpe:2.3:a:citadel:webcit:7.86
-
cpe:2.3:a:citadel:webcit:7.87
-
cpe:2.3:a:citadel:webcit:8.01
-
cpe:2.3:a:citadel:webcit:8.02
-
cpe:2.3:a:citadel:webcit:8.03
-
cpe:2.3:a:citadel:webcit:8.05
-
cpe:2.3:a:citadel:webcit:8.06
-
cpe:2.3:a:citadel:webcit:8.12
-
cpe:2.3:a:citadel:webcit:8.13
-
cpe:2.3:a:citadel:webcit:8.14
-
cpe:2.3:a:citadel:webcit:8.16
-
cpe:2.3:a:citadel:webcit:8.20
-
cpe:2.3:a:citadel:webcit:8.22
-
cpe:2.3:a:citadel:webcit:8.23
-
cpe:2.3:a:citadel:webcit:8.24
-
cpe:2.3:a:citadel:webcit:9.01
-
cpe:2.3:a:citadel:webcit:902
-
cpe:2.3:a:citadel:webcit:926