How severe is CVE-2020-36828?

This vulnerability has a severity rating of LOW with a CVSS score of 3.5 out of 10.

What type of vulnerability is CVE-2020-36828?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2020-36828

LOW Year: 2020

CVSS v3 Score

3.5

Low

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-79

View all →

Vulnerability Description

A vulnerability was found in DiscuzX up to 3.4-20200818. It has been classified as problematic. Affected is the function show_next_step of the file upload/install/include/install_function.php. The manipulation of the argument uchidden leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 3.4-20210119 is able to address this issue. The name of the patch is 4a9673624f46f7609486778ded9653733020c567. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-258612.

CVE-2014-125110

LOW

CVSS:3.5(Low)

A vulnerability has been found in wp-file-upload Plugin up to 2.4.3 on WordPress and classified as problematic. Affected by this vulnerability is the function wfu_ajax_action_callback of the file lib/...

CWE-792014

CVE-2014-125111

LOW

CVSS:3.5(Low)

A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. Th...

CWE-792014

CVE-2015-10131

LOW

CVSS:3.5(Low)

A vulnerability was found in chrisy TFO Graphviz Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function admin_page_load/admin_page of the file tfo-graphviz...

CWE-792015

CVE-2015-10132

LOW

CVSS:3.5(Low)

A vulnerability classified as problematic was found in Thimo Grauerholz WP-Spreadplugin up to 3.8.6.1 on WordPress. This vulnerability affects unknown code of the file spreadplugin.php. The manipulati...

CWE-792015

CVE-2017-20191

LOW

CVSS:3.5(Low)

A vulnerability was found in Zimbra zm-admin-ajax up to 8.8.1. It has been classified as problematic. This affects the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFor...

CWE-792017

CVE-2018-25101

LOW

CVSS:3.5(Low)

A vulnerability, which was classified as problematic, has been found in l2c2technologies Koha up to 20180108. This issue affects some unknown processing of the file /cgi-bin/koha/opac-MARCdetail.pl. T...

CWE-792018

CVE-2020-36828

Vulnerability Description

Related Vulnerabilities

CVE-2014-125110

CVE-2014-125111

CVE-2015-10131

CVE-2015-10132

CVE-2017-20191

CVE-2018-25101