CVE-2020-20589

Name of the Vulnerable Software and Affected Versions FeehiCMS version 2.0.8

Description A Cross Site Scripting (XSS) issue allows remote attackers to run arbitrary code via the lang attribute of an HTML tag. This enables attackers to execute malicious scripts on the client-side, potentially leading to unauthorized actions or data theft.

Recommendations For FeehiCMS version 2.0.8, consider disabling the use of the lang attribute in HTML tags until a patch is available to prevent exploitation of this issue. Restrict access to areas where this attribute is used to minimize the risk of XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.