Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2020-19274
HistoryMay 12, 2021 - 5:15 p.m.

CVE-2020-19274

2021-05-1217:15:07
CWE-79
mitre
web.nvd.nist.gov
39
4
xss
vulnerability
dhcms
2017-09-18
remote code execution

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

39.7%

JSON

A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.

Affected configurations

Nvd
Node
dhcms_projectdhcmsMatch2017-09-18
VendorProductVersionCPE
dhcms_projectdhcms2017-09-18cpe:2.3:a:dhcms_project:dhcms:2017-09-18:*:*:*:*:*:*:*

Social References

More

Related

nvd 1
cvelist 1
prion 1
nvd
nvd
CVE-2020-19274
2021-05-12 17:15:07
cvelist
cvelist
CVE-2020-19274
2021-05-12 16:26:35
prion
prion
Cross site scripting
2021-05-12 17:15:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

39.7%

JSON
Related for CVE-2020-19274
nvd1cvelist1prion1