Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-23234

Disclosure Date: July 26, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,".
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0