CVE-2020-35126

Name of the Vulnerable Software and Affected Versions Typesetter CMS versions 5.x through 5.1

Description The issue allows admins to conduct Site Title persistent XSS attacks via an Admin/Configuration URI. The significance of this report is disputed because admins are considered trustworthy.

Recommendations For versions 5.x through 5.1, as a temporary workaround, consider restricting access to the Admin/Configuration URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.