CVE-2020-19626

CVE-2020-19626

EPSS 0.8%

Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://mayoterry.com/file/cve/XSS_vuluerability_in_Craftcms_3.1.31.pdf https://github.com/craftcms/cms/commit/76a2168b6a5e30144f5c06da4ff264f4eca577ff