Medium severity5.4NVD Advisory· Published Sep 15, 2021· Updated Jun 17, 2026
CVE-2020-19158
CVE-2020-19158
Description
Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'.
Affected products
2- S-CMS/S-CMSdescription
Patches
Vulnerability mechanics
References
1- github.com/TL-swallow/swallow/blob/master/S-CMS%20XSS1.docxnvdThird Party Advisory
News mentions
0No linked articles in our index yet.