CVE-2020-36496

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt