Stored XSS Vulnerability in Codoforum v5.0.2 'Pages' Feature

Stored XSS Vulnerability in Codoforum v5.0.2 'Pages' Feature

CVE-2020-25876 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.

Learn more about our Web App Pen Testing.