CVE-2020-36608
published 2022-11-02CVE-2020-36608: A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. Affected by this issue is some unknown functionality of the…
PriorityP427medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.40%
31.3th percentile
A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. Affected by this issue is some unknown functionality of the file admin_organizer.js of the component Error Log Module. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is dfd0afacb26c3682a847bea7b49ea440b63f3baa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-212816.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tribal_systems | zenario_cms | — | — |
| tribalsystems | zenario | < 8.7 | 8.7 |
| tribalsystems | zenario | >= 0 < 8.5.51340 | 8.5.51340 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
osv·2022-11-03
CVE-2020-36608 [MEDIUM] Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
A vulnerability has been found in Tribal Systems Zenario CMS prior to version 8.5.51340. Affected by this issue is some unknown functionality of the file `admin_organizer.js` of the component `Error Log Module`. The manipulation leads to cross site scripting. The attack may be launched remotely. The issue is patched in version 8.5.51340.
GHSA
Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
ghsa·2022-11-03
CVE-2020-36608 [MEDIUM] CWE-79 Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
A vulnerability has been found in Tribal Systems Zenario CMS prior to version 8.5.51340. Affected by this issue is some unknown functionality of the file `admin_organizer.js` of the component `Error Log Module`. The manipulation leads to cross site scripting. The attack may be launched remotely. The issue is patched in version 8.5.51340.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-11-02
Published