Leptoncms · Leptoncms · CVE-2020-24872
**Name of the Vulnerable Software and Affected Versions**
Lepton-CMS version 4.7.0
**Description**
The issue is a Cross Site Scripting (XSS) vulnerability in the backend/pages/modify.php file, which allows remote attackers to execute arbitrary code. This can be exploited by attackers to inject malicious scripts into the website, potentially leading to unauthorized access or data theft.
**Recommendations**
For Lepton-CMS version 4.7.0, update to a newer version that contains a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.