CVE-2020-20426: XSS
First published: Wed Dec 22 2021(Updated: )
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| S-cms S-cms | =5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-20426?
CVE-2020-20426 is a cross-site scripting (XSS) vulnerability found in S-CMS Government Station Building System v5.0.
How severe is CVE-2020-20426?
CVE-2020-20426 has a severity rating of 6.1 (Medium).
How does CVE-2020-20426 affect S-CMS Government Station Building System?
CVE-2020-20426 affects S-CMS Government Station Building System v5.0 by allowing attackers to execute arbitrary HTML or JavaScript code on the affected website.
What is the Common Weakness Enumeration (CWE) ID associated with CVE-2020-20426?
The CWE ID associated with CVE-2020-20426 is CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
How can I fix CVE-2020-20426?
To fix CVE-2020-20426, it is recommended to update S-CMS Government Station Building System to a version that addresses the vulnerability or apply any available patches or security updates provided by the vendor.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- vendor/s-cms
- canonical/s-cms s-cms
- version/s-cms s-cms/5.0