CVE-2020-19626

Published March 26th, 2021

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new.

craftcms/cms

Build bespoke content experiences with Craft.

GitHub

3.58K