CVE-2020-21130

Name of the Vulnerable Software and Affected Versions HisiPHP version 2.0.8

Description The issue is related to a Cross Site Scripting (XSS) vulnerability. It is associated with the failure to protect the web page structure, specifically via the group name in addgroup.html. This could allow a remote attacker to perform cross-site scripting attacks.

Recommendations For HisiPHP version 2.0.8, as a temporary workaround, consider restricting access to the addgroup.html component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.