CVE-2020-19156: XSS
First published: Wed Sep 15 2021(Updated: )
Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ari-soft Ari Adminer | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-19156?
The severity of CVE-2020-19156 is medium with a CVSS score of 5.4.
How does the Cross Site Scripting (XSS) vulnerability in Ari Adminer v1 (CVE-2020-19156) occur?
The Cross Site Scripting (XSS) vulnerability in Ari Adminer v1 (CVE-2020-19156) occurs when the 'Title' parameter of the 'Add New Connections' component is not properly sanitized, allowing remote attackers to execute arbitrary code.
What is the affected software of CVE-2020-19156?
The affected software of CVE-2020-19156 is Ari Adminer v1 version 1.0.
How can I fix the Cross Site Scripting (XSS) vulnerability in Ari Adminer v1 (CVE-2020-19156)?
To fix the Cross Site Scripting (XSS) vulnerability in Ari Adminer v1 (CVE-2020-19156), it is recommended to update to a patched version of Ari Adminer v1.
Where can I find more information about CVE-2020-19156?
For more information about CVE-2020-19156, you can visit the following link: https://www.seebug.org/vuldb/ssvid-97852
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- vendor/ari-soft
- canonical/ari-soft ari adminer
- version/ari-soft ari adminer/1.0