High severity8.8NVD Advisory· Published Mar 24, 2020· Updated Jun 17, 2026
CVE-2020-8985
CVE-2020-8985
Description
ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ZendTo/ZendTodescription
Patches
Vulnerability mechanics
References
1- zend.to/changelog.phpnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.