Vulnerability Details CVE-2020-35853
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie according to the crafted payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.4%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
Products affected by CVE-2020-35853
-
cpe:2.3:a:4homepages:4images:1.7.11