PT-2023-11498 · Unknown · Chaoji Cms

Godepic

·

Publicado

2023-06-27

·

Atualizado

2023-07-05

·

CVE-2020-18410

CVSS v3.1

4.8

Média

VetorAV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Chaoji CMS version 2.18
Description A stored cross site scripting (XSS) issue in the /index.php?admin-master-article-edit endpoint of Chaoji CMS allows attackers to obtain administrator privileges.
Recommendations For Chaoji CMS version 2.18, update to a version that fixes this issue to prevent exploitation. As a temporary workaround, consider restricting access to the /index.php?admin-master-article-edit endpoint until a patch is available.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2020-18410

Produtos afetados

Chaoji Cms