CVE-2020-13889. The admin page of bludit have an XSS in the showAlert() function that dont sanitize user input leading them to execute an malicious code.
Author: Andre k Lorenci Contact: avlorenci@gmailcom CVE-2020-13889 Hello, this vulnerability consists in a function called showAlert() in the administration panel of bludit,that when accessed in DOM, allows users define the text to be popped up in the message box But this function dont have any sanatization and the user can inject any javascript code or even HTML in the page