Disclosure Date 2020/11/05

CVE-2020-5663

Stored Cross-site Scripting in XooNIps

XOOPS 用モジュール XooNIps における格納型 XSS (クロスサイトスクリプティング)

Credit

stypr (@stereotype32)

Affected-Versions

XooNIps: v3.49 and earlier

CWE

CWE-79

Description

XooNIps 3.49 and earlier was affected by Stored Cross-Site Scripting (XSS). This allows remote attackers to execute arbitrary javascript code from victim's browser.

Product-URLs

https://xoonips.osdn.jp/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-5663
https://jvn.jp/vu/JVNVU92053563/index.html
https://xoonips.osdn.jp/modules/news/index.php?page=article&storyid=13

Back

CVE-2020-5663

Credit

Affected-Versions

CWE

Description

Product-URLs

Reference

会社情報

サービス紹介

お問い合わせ