exploitDog

CVE-2020-36932

Опубликовано: 25 янв. 2026

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded.

Ссылки

https://www.exploit-db.com/exploits/49251
Exploit
VDB Entry
https://www.seacms.net/
Product
https://www.vulncheck.com/advisories/seacms-checkuser-stored-xss
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:seacms:seacms:11.1:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00008

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-98f4-2wgg-m2jf

CVSS3: 6.4

github

13 дней назад

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded.

EPSS

Процентиль: 1%

0.00008

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79