CVE-2020-20640

Posted on 2021년 6월 29일2021년 6월 29일 by admin

CVE-2020-20640

Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability.

Source: CVE-2020-20640

답글 남기기 응답 취소