CVE-2020-20781

Published: 2021-09-29T23:15Z

Last Modified: 2024-11-21T05:12Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt