← Back to CVE List
CVE-2020-7809
ALSong 3.46 and earlier version contain a Document Object Model (DOM) based cross-site scripting vulnerability caused by improper validation of user input. A remote attacker could exploit this vulnerability by tricking the victim to open ALSong Album(sab) file.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt