← back
CVE-2020-25495

CVE-2020-25495

EPSS 8.1%
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/160634/SCO-Openserver-5.0.7-Cross-Site-Scripting.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49300unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/160634/SCO-Openserver-5.0.7-Cross-Site-Scripting.htmlhttps://github.com/Ramikan/Vulnerabilities/blob/master/SCO%20Openserver%20XSS%20%26%20HTML%20Injection%20vulnerability