CVE-2020-25915

Description

Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login.

Related CPE's

a thinkcmf thinkcmf 5.1.5 *******

References

https://github.com/thinkcmf/thinkcmf/issues/675

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io