CVE-2020-36494

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt