Security Advisory

CVE-2020-35241

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-30 14:26:49

Last updated 2025-01-29 20:58:11

Assigner mitre

State PUBLISHED

Description

FlatPress 1.0.3 is affected by cross-site scripting (XSS) in the Blog Content component. This vulnerability can allow an attacker to inject the XSS payload in Blog content via the admin panel. Each time any user will go to that blog page, the XSS triggers and the attacker can steal the cookie according to the crafted payload.

← Browse all CVEs View on cve.org ↗