An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-05T18:34:35

Updated: 2024-08-04T12:32:14.220Z

Reserved: 2020-06-05T00:00:00

Link: CVE-2020-13870

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-06-05T19:15:13.517

Modified: 2024-11-21T05:02:02.830

Link: CVE-2020-13870

cve-icon Redhat

No data.