Security Advisory

CVE-2020-36931

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-25 12:24:00

Last updated 2026-01-26 13:33:08

Assigner VulnCheck

State PUBLISHED

Description

Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests.

← Browse all CVEs View on cve.org ↗