CVE-2020-20125

Name of the Vulnerable Software and Affected Versions: EARCLINK ESPCMS-P8

Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability is located in the espcms webespcms load.php file.

Recommendations: For EARCLINK ESPCMS-P8, consider disabling access to the espcms load.php file as a temporary workaround until a patch is available. Restrict input validation in the espcms load.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.