CVE-2020-21146

MEDIUM

Feehi Cms < 2.0.8.1 - XSS

Title source: rule

Description

Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS.

References (1)

Scores

CVSS v3 6.1
EPSS 0.0031
EPSS Percentile 53.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
feehi/cms 0 - 2.0.8.1Packagist
feehi/feehi_cms 2.0.8
Published Jan 26, 2021
Tracked Since Feb 18, 2026