CVE-2020-21506

Name of the Vulnerable Software and Affected Versions: waimai Super Cms version 20150505

Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability is located in the /admin.php?m=Config&a=add component. Cross-site scripting (XSS) is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially allowing them to steal user data or take control of the user's session.

Recommendations: For waimai Super Cms version 20150505, as a temporary workaround, consider restricting access to the /admin.php?m=Config&a=add component until a patch is available. Avoid using this component in a way that could allow an attacker to inject malicious scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.