Skip to main content
CVE-2020-13890 MEDIUM POC This Month

The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neon
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-13889 MEDIUM POC This Month

showAlert() in the administration panel in Bludit 3.12.0 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Bludit
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-13883 MEDIUM This Month

In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Api Manager Api Microgateway Identity Server As Key Manager
NVD
CVSS 3.1
6.7
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy