CVE-2020-19950

2021-09-2320:15:07

Google

osv.dev

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.8%

JSON

A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.

CPENameOperatorVersion
yzmcmseq5.3.0

CPE	Name	Operator	Version
	yzmcms	eq	5.3.0

References

github.com/yzmcms/yzmcms/issues/22