CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-36932

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.8%

CVSS Severity

CVSS v3 Score 6.4

References

https://www.exploit-db.com/exploits/49251
https://www.seacms.net/
https://www.vulncheck.com/advisories/seacms-checkuser-stored-xss

Products affected by CVE-2020-36932

Seacms » Seacms » Version: 11.1

cpe:2.3:a:seacms:seacms:11.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36932

Products

Pricing

Contact Us