PT-2021-10823 · Unknown · Macrob7 Macs Framework Content Management System

Published

2021-10-22

Updated

2021-10-27

CVE-2020-23047

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Macrob7 Macs Framework Content Management System version 1.14f

Description The issue is related to a cross-site scripting (XSS) vulnerability found in the search input field of the search module. This allows for potential malicious script injection.

Recommendations For Macrob7 Macs Framework Content Management System version 1.14f, consider disabling the search module until a patch is available to prevent exploitation of the XSS vulnerability in the search input field.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2020-23047

Affected Products

Macrob7 Macs Framework Content Management System

PT-2021-10823 · Unknown · Macrob7 Macs Framework Content Management System

CVE-2020-23047

Weakness Enumeration

Related Identifiers

Affected Products

References · 4