CVE-2019-20804

Published: 21/05/2020 Updated: 22/05/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Gila CMS prior to 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.

Affected Products

Vendor: Gilacms
Product: Gila Cms
Versions: 0.1, 0.2, 1.0, 1.1.0, 1.2.0, 1.3.0, 1.3.1, 1.4.0, 1.4.2, 1.4.3, 1.5.0, 1.6.0, 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.6, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.9.0, 1.9.1, 1.9.4, 1.9.5, 1.10.0, 1.10.1, 1.10.2, 1.10.3, 1.10.5, 1.10.6, 1.10.8, 1.10.9, 1.11.1, 1.11.2, 1.11.4