01642 06 11 11 Arrange Call

Cross-Site Scripting (XSS) Vulnerability in Xiuno BBS 4.0.4 via install.sql Component

CVE-2020-21494 · MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVE-2020-21494

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.