CVE-2020-21496

MEDIUM

Xiunobbs - XSS

Title source: rule

Description

A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter.

Exploits (1)

References (2)

Scores

CVSS v3 6.1
EPSS 0.0022
EPSS Percentile 44.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
xiuno/xiunobbs 4.0.4
Published Oct 04, 2021
Tracked Since Feb 18, 2026