CVE-2020-29364
MEDIUMCVSS 4.8/10EPSS 0.61%
Last modified
CVE-2020-29364 is a medium-severity vulnerability rated 4.8/10 on the CVSS scale. In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Attackers can inject codes in news titles.. EPSS estimates a 0.61% chance of exploitation in the next 30 days.
Description
In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Attackers can inject codes in news titles.
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netartmedia | News Lister | 1.0.0 |
References
- https://github.com/aslanemre/CVE-2020-29364/blob/main/CVE-2020-29364Exploit, Third Party Advisory
- https://www.netartmedia.net/newslisterProduct, Vendor Advisory
- https://github.com/aslanemre/CVE-2020-29364/blob/main/CVE-2020-29364Exploit, Third Party Advisory
- https://www.netartmedia.net/newslisterProduct, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-29364?
In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Attackers can inject codes in news titles.
How severe is CVE-2020-29364?
CVE-2020-29364 has a CVSS score of 4.8/10 (MEDIUM severity). The EPSS model estimates a 0.61% probability of exploitation in the next 30 days.
How do I fix CVE-2020-29364?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2020-29364?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST