PT-2021-10584 · Maccms · Maccms
Trepverterless · Published 2021-09-14 · Updated 2021-09-24 · CVE-2020-21082
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions:
Maccms version 8.0
Description:
A cross-site scripting (XSS) vulnerability in the background administrator article management module allows attackers to steal administrator and user cookies via crafted payloads in the Chinese name and English name text fields.
Recommendations:
For Maccms version 8.0, consider disabling the background administrator article management module until a patch is available. Restrict access to the text fields for Chinese and English names to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Affected Products
Maccms