CVE-2020-9339: XSS
First published: Sat Feb 22 2020(Updated: )
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Soplanning Soplanning | =1.45 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-9339?
CVE-2020-9339 is a vulnerability in SOPlanning 1.45 that allows XSS (Cross-Site Scripting) attacks via the Name or Comment fields in the status.php page.
How severe is CVE-2020-9339?
CVE-2020-9339 has a severity level of medium, with a CVSS score of 5.4.
What is the CWE (Common Weakness Enumeration) of CVE-2020-9339?
The CWE of CVE-2020-9339 is CWE-79, which is the classification for XSS (Cross-Site Scripting) vulnerabilities.
How can I fix CVE-2020-9339?
To fix CVE-2020-9339, it is recommended to update SOPlanning to a version that has addressed this vulnerability, or apply any patches provided by the software vendor.
Where can I find more information about CVE-2020-9339?
More information about CVE-2020-9339 can be found at the following reference: [GitHub - 0xEmma/CVEs](https://github.com/0xEmma/CVEs/blob/master/CVEs/2020-02-14-SoPlanning-Status-XSS.md)
- collector/nvd-index
- agent/weakness
- vendor/soplanning
- canonical/soplanning soplanning
- version/soplanning soplanning/1.45