VYPR

CMS

by HuCart

CVEs (1)

  • CVE-2020-18475MedAug 26, 2021
    risk 0.35cvss 5.4epss 0.00

    Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.