CVE-2020-36638
MEDIUM WAF: High
CVSS 6.1
Published: 2022-12-30
CWE-79
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been rated as problematic. This issue affects some unknown processing of the file resources/core/adminserv.php. The manipulation of the argument error leads to cross site scripting. The attack may be initiated remotely. The patch is named 9a45087814295de6fb3a3fe38f96293665234da1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217043. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
WAF Coverage Analysis
Cross-Site Scripting (XSS)
High WAF Coverage
OWASP: A03:2021 Injection
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| adminserv_project | adminserv | up to 2020-09-29 |
References
- github.com (Patch)
- github.com (Patch)
- vuldb.com (Third Party Advisory)
- vuldb.com (Third Party Advisory)