CVE-2020-20691 · Vexday

CVE-2020-20691

EPSS 0.9%

An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/monstra-cms/monstra/issues/461