Stored XSS Vulnerability in Chronoforeum 2.0.11 Allows Execution of Crafted Payload via Posts
CVE-2020-27459 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.
Learn more about our User Device Pen Test.