Bludit 3.10.0 WYSIWYG Editor Allows Insertion of Malicious JavaScript by Editor or Author Roles

Bludit 3.10.0 WYSIWYG Editor Allows Insertion of Malicious JavaScript by Editor or Author Roles

CVE-2020-8812 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug.

Learn more about our Web Application Penetration Testing UK.