Security Advisory

CVE-2020-37054

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-30 22:07:19

Last updated 2026-03-05 01:27:43

Assigner VulnCheck

State PUBLISHED

Description

Navigate CMS 2.8.7 contains a cross-site request forgery vulnerability that allows attackers to upload malicious extensions through a crafted HTML page. Attackers can trick authenticated administrators into executing arbitrary file uploads by leveraging the extension upload functionality without additional validation.

← Browse all CVEs View on cve.org ↗