Disclosure Date 2020/11/05
CVE-2020-5662
Reflected Cross-site Scripting in XooNIps
XOOPS 用モジュール XooNIps における反射型 XSS (クロスサイトスクリプティング)
Credit
stypr (@stereotype32)
Affected-Versions
XooNIps: v3.49 and earlier
CWE
- CWE-79
Description
XooNIps 3.49 and earlier was affected by Reflected Cross-Site Scripting (XSS). This allows remote attackers to execute arbitrary javascript code from victim's browser.