WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-24T19:22:46

Updated: 2024-08-04T16:48:01.768Z

Reserved: 2020-11-27T00:00:00

Link: CVE-2020-29247

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-24T20:15:12.523

Modified: 2024-11-21T05:23:50.230

Link: CVE-2020-29247

cve-icon Redhat

No data.