CVE-2020-36490

Published: 2021-10-22T20:15Z

Last Modified: 2024-11-21T05:29Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt