Arbitrary Web Script Execution Vulnerability in Monstra CMS v3.0.4

Arbitrary Web Script Execution Vulnerability in Monstra CMS v3.0.4

CVE-2020-20691 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.

Learn more about our Web App Pen Testing.