CVE-2020-36085

{"id": "CVE-2020-36085", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2025-02-06T22:15:33.937", "references": [{"url": "https://github.com/manitorpotterk/CVE/blob/main/Egavilan%20Media%20XSS.md", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Stored Cross Site Scripting(XSS) vulnerability in Egavilan Media Resumes Management and Job Application Website 1.0 allows remote attackers to inject arbitrary code via First and Last Name in Apply For This Job Form."}, {"lang": "es", "value": "La vulnerabilidad de Cross Site Scripting (XSS) almacenado en Egavilan Media Resumes Management and Job Application Website 1.0 permite a atacantes remotos inyectar c\u00f3digo arbitrario a trav\u00e9s del nombre y apellido en el formulario de solicitud para este empleo."}], "lastModified": "2025-02-11T15:15:13.697", "sourceIdentifier": "[email protected]"}