First published: Tue Nov 24 2020(Updated: )
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Newsscriptphp News Script Php Pro | =2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for SimplePHPscripts News Script PHP Pro 2.3 is CVE-2020-25474.
The severity of CVE-2020-25474 is medium with a CVSS score of 6.1.
The Cross Site Scripting (XSS) vulnerability in SimplePHPscripts News Script PHP Pro 2.3 occurs via the editor_name parameter.
The software version affected by CVE-2020-25474 is SimplePHPscripts News Script PHP Pro 2.3.
You can find more information about CVE-2020-25474 at the following references: [1] https://news.websec.nl, [2] https://websec.nl, [3] https://www.linkedin.com/feed/update/urn:li:activity:6736997788850122752