VYPR
Medium severity6.1NVD Advisory· Published Nov 23, 2020· Updated Jun 17, 2026

CVE-2020-28927

CVE-2020-28927

Description

There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.