LavaLite CMS 5.8.0 Menu Blocks Feature XSS Vulnerability
CVE-2020-23234 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
Learn more about our Cms Pen Testing.