WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-24T19:22:46
Updated: 2024-08-04T16:48:01.768Z
Reserved: 2020-11-27T00:00:00
Link: CVE-2020-29247
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-24T20:15:12.523
Modified: 2024-11-21T05:23:50.230
Link: CVE-2020-29247
Redhat
No data.