VYPR
Medium severity5.4NVD Advisory· Published Aug 26, 2021· Updated Jun 17, 2026

CVE-2020-18475

CVE-2020-18475

Description

Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.

Affected products

2
  • Hucart CMS/Hucart CMSdescription
  • HuCart/CMSllm-create
    Range: =5.7.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.