WEB APPLICATION VULNERABILITIES Standard & Premium

SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2020-35930)

Description

Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.

Remediation

References

Related Vulnerabilities

WordPress Plugin Wufoo Shortcode Cross-Site Scripting (1.47)

XWiki Improper Neutralization of Alternate XSS Syntax Vulnerability (CVE-2023-35158)

Oracle HTTP Server Other Vulnerability (CVE-2020-35164)

PHP Out-of-bounds Read Vulnerability (CVE-2019-9024)

PHP Numeric Errors Vulnerability (CVE-2011-1471)

Severity

Medium

Classification

CVE-2020-35930 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities