Lucene search
Veracode Vulnerability DatabaseVERACODE:32721HistoryOct 26, 2021 - 1:36 p.m.
Cross-site Scripting (XSS)
2021-10-2613:36:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
fork cms
cross-site scripting
profiles module
javascript injection
EPSS
0.001
Percentile
24.8%
forkcms/forkcms is vulnerable to cross-site scripting attacks. The vulnerability exists because the ‘Displayname’ input field in ‘Profiles’ module is not properly encoded, which allows a malicious attacker to inject and execute arbitrary javascript.
Related
prion
prion
Cross site scripting
2021-10-22 20:15:00
nvd
nvd
CVE-2020-23049
2021-10-22 20:15:10
osv
osv
CVE-2020-23049
2021-10-22 20:15:10
Cross-site scripting in forkcms
2021-10-25 19:43:05
github
github
Cross-site scripting in forkcms
2021-10-25 19:43:05
cve
cve
CVE-2020-23049
2021-10-22 20:15:10
cvelist
cvelist
CVE-2020-23049
2021-10-22 19:20:29
cnvd
cnvd
Fork CMS Cross-Site Scripting Vulnerability (CNVD-2021-83552)
2021-10-26 00:00:00