First published: Wed Jun 23 2021(Updated: )
Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Get-simple Getsimplecms | =3.4.0-a1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-20391 is medium with a CVSS score of 5.4.
CVE-2020-20391 affects GetSimpleCMS version 3.4.0-a1.
The CWE for CVE-2020-20391 is CWE-79, which is for Cross-Site Scripting (XSS) vulnerabilities.
To fix CVE-2020-20391 in GetSimpleCMS, update to a version that is not affected, once a patch or update is available.
You can find more information about CVE-2020-20391 on the GitHub issue page: https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1322