First published: Fri Jun 19 2020(Updated: )
Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Naviwebs Navigate CMS | =2.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-14927 is a vulnerability in Navigate CMS 2.9 that allows cross-site scripting (XSS) attacks via the Alias or Real URL field of the Web Sites > Create > Aliases > Add screen.
CVE-2020-14927 has a severity rating of 4.8 (medium).
CVE-2020-14927 affects Navigate CMS 2.9.
To fix CVE-2020-14927, update Navigate CMS to a version that addresses the vulnerability.
Yes, more information about CVE-2020-14927 can be found at the following link: [Navigate CMS Issue #19](https://github.com/NavigateCMS/Navigate-CMS/issues/19)