Published: 24/06/2020 Updated: 29/06/2020
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

An issue exists in Navigate CMS 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS.

Vulnerability Trend

Affected Products

Vendor Product Versions
NaviwebsNavigate Cms2.9