PT-2021-10929 · Unknown · Lavalite Cms

Luuthehienhbitop

·

Published

2021-07-07

·

Updated

2021-09-08

·

CVE-2020-23700

CVSS v3.1

4.8

Medium

VectorAV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions LavaLite-CMS version 5.8.0
Description A Cross Site Scripting (XSS) issue exists, allowing potential exploitation via the Menu Links feature.
Recommendations For LavaLite-CMS version 5.8.0, consider disabling the Menu Links feature until a patch is available.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2020-23700
GHSA-592V-7FRM-H44Q

Affected Products

Lavalite Cms