CVE-2020-19626

CVE-2020-19626

EPSS 0.8%

Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://mayoterry.com/file/cve/XSS_vuluerability_in_Craftcms_3.1.31.pdf https://github.com/craftcms/cms/commit/76a2168b6a5e30144f5c06da4ff264f4eca577ff