CVE-2020-29315

Description

ThinkAdmin version v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML.

Affected packages (1)

• Packagist/zoujingli/thinkadminfrom 0, < 6.0.22

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-29315
• PATCHhttps://github.com/zoujingli/ThinkAdmin
• WEBhttps://github.com/zoujingli/ThinkAdmin/commit/5e7c2325008d0191f941666b5589c08a070ce838
• WEBhttps://github.com/zoujingli/ThinkAdmin/issues/255