Medium severity5.4NVD Advisory· Published Aug 26, 2021· Updated Jun 17, 2026
CVE-2020-18475
CVE-2020-18475
Description
Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.
Affected products
2- Hucart CMS/Hucart CMSdescription
Patches
Vulnerability mechanics
References
1- github.com/joelister/bug/issues/7nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.