CVE-2020-20523

Name of the Vulnerable Software and Affected Versions Gila CMS version 1.11.3

Description The issue is related to a Cross Site Scripting (XSS) vulnerability in the adm user parameter, which allows remote attackers to execute arbitrary code during the Gila CMS installation.

Recommendations For Gila CMS version 1.11.3, avoid using the adm user parameter in the affected installation process until the issue is resolved. As a temporary workaround, consider restricting access to the installation module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.