CVE-2020-22841
Published
CVSS v3
4.8
MEDIUM
CVSS v2
3.5
LOW
Affected
1
PROJECT
Description
Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module.
b2evolution CMS: Multiblog/CMS content publishing + forums + email marketing + social network + more... b2evolution includes everything you need to run and maintain a modern website. Optimized for low maintenance with easy upgrades and effective antispam. Full RWD & bootstrap support.
GitHub