CVE-2020-36493
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_ma
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters.
MEDIUM · CVSS 5.4
EPSS 0.00176
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0