Vulnerability Details CVE-2020-36012
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
- http://bdtask.com
- http://multi-store.com
- https://kislay00.medium.com/m-store-multi-store-inventory-management-system-add-customer-stored-xss-875a376770ec
- http://bdtask.com
- http://multi-store.com
- https://kislay00.medium.com/m-store-multi-store-inventory-management-system-add-customer-stored-xss-875a376770ec
Products affected by CVE-2020-36012
-
cpe:2.3:a:bdtask:multi-store:1.0.0