VYPR
Medium severity5.4NVD Advisory· Published Sep 15, 2021· Updated Jun 17, 2026

CVE-2020-19158

CVE-2020-19158

Description

Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'.

Affected products

2
  • S-CMS/S-CMSdescription
  • S CMS/S CMSllm-fuzzy
    Range: <=20191014

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.