Security Advisory

CVE-2020-19882

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-24 14:22:18

Last updated 2024-08-04 14:15:28

Assigner mitre

State PUBLISHED

Description

DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecialchars function for menu_description variable in dbhcmsmodmod.menus.edit.php line 83 and in dbhcmsmodmod.menus.view.php line 111, A remote authenticated with admin user can exploit this vulnerability to hijack other users.

← Browse all CVEs View on cve.org ↗