Lucene search
GoogleOSV:CVE-2020-26669HistoryJun 01, 2021 - 3:15 p.m.
CVE-2020-26669
2021-06-0115:15:07
Google
osv.dev
2
A stored cross-site scripting (XSS) vulnerability was discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary web scripts or HTML via the page content to site/index.php/admin/pages/update.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bigtree-cms | eq | 4.2.14 | |
| bigtree-cms | eq | 4.2.17 | |
| bigtree-cms | eq | 4.0 | |
| bigtree-cms | eq | 4.3 | |
| bigtree-cms | eq | 4.4.5 | |
| bigtree-cms | eq | 4.4.10 | |
| bigtree-cms | eq | RC2 | |
| bigtree-cms | eq | 4.0RC2 | |
| bigtree-cms | eq | 4.4.4 | |
| bigtree-cms | eq | 4.4.9 |
References
Related
cve
cve
CVE-2020-26669
2021-06-01 15:15:07
cvelist
cvelist
CVE-2020-26669
2021-06-01 14:13:24
nvd
nvd
CVE-2020-26669
2021-06-01 15:15:07
prion
prion
Cross site scripting
2021-06-01 15:15:00
openvas
openvas
BigTree CMS Multiple Vulnerabilities (Sep 2020)
2021-06-02 00:00:00