CVE-2020-5842

CVE-2020-5842

EPSS 1.8%

Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. The payload is, for example, executed on the admin/index.php?page=users/manage page.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://medium.com/%40prasanthc41m/cve-2020-5842-stored-xss-vulnerability-in-codoforum-4-8-3-b2e1133c6a91 https://www.exploit-db.com/exploits/47876