CVE-2020-21930

Name of the Vulnerable Software and Affected Versions: Eyoucms version 1.4.1

Description: A stored cross site scripting (XSS) issue in the web attr 2 field allows authenticated attackers to execute arbitrary web scripts or HTML. This can lead to the execution of malicious code on the web application.

Recommendations: For Eyoucms version 1.4.1, consider restricting access to the web attr 2 field to prevent exploitation until a fix is available. As a temporary workaround, disabling the ability to input arbitrary HTML in this field can help minimize the risk. At the moment, there is no information about a newer version that contains a fix for this issue.