Moderate severityNVD Advisory· Published Apr 9, 2021· Updated Aug 4, 2024
CVE-2020-23761
CVE-2020-23761
Description
Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote attackers to execute arbitrary web script via the "payment gateway" column on transactions tab.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
intelliants/subrionPackagist | <= 4.2.1 | — |
Affected products
2- subrion/subrion CMSdescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-xhc3-5pgf-p576ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-23761ghsaADVISORY
- hidden-one.co.in/2021/04/09/cve-2020-23761-stored-xss-vulnerability-in-subrion-cms-versionghsaWEB
- hidden-one.co.in/2021/04/09/cve-2020-23761-stored-xss-vulnerability-in-subrion-cms-version/mitrex_refsource_MISC
- subrion.orgghsaWEB
- subrion.orgmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.