Unrated severityNVD Advisory· Published May 10, 2021· Updated Aug 4, 2024
CVE-2020-23376
CVE-2020-23376
Description
NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- cwe.mitre.org/data/definitions/352.htmlmitrex_refsource_MISC
- github.com/nangge/noneCms/issues/35mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.