First published: Wed Mar 10 2021(Updated: )
An issue was discovered in FUEL CMS V1.4.7. An attacker can use a XSS payload and bypass a filter via /fuelCM/fuel/pages/edit/1?lang=english.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TheDayLightStudio Fuel CMS | =1.4.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-23721 is a vulnerability that exists in FUEL CMS version 1.4.7.
CVE-2020-23721 has a severity keyword of medium and a severity value of 5.4.
CVE-2020-23721 allows an attacker to use a XSS payload and bypass a filter in FUEL CMS version 1.4.7.
To fix CVE-2020-23721, update FUEL CMS to a version that is not affected by the vulnerability.
You can find more information about CVE-2020-23721 at the following reference: [Link](https://github.com/daylightstudio/FUEL-CMS/issues/559)