CVE-2020-21494

Published October 4th, 2021

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.

rayfalling/xiuno-docker

基于修罗/xiunoBBS的docker方案

GitHub