CVE-2020-18693

Published August 6th, 2021

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by injecting malicious code into the 'Title' field of the component '/admin/news'.

MineWeb/MineWebCMS

🚀 A French Minecraft CMS since 2015 (used by +1k websites)

GitHub