CVE-2020-1949 is a vulnerability in Apache Sling Cms
Published on April 1, 2020

Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks.

NVD

Products Associated with CVE-2020-1949

Want to know whenever a new CVE is published for Apache Sling Cms? stack.watch will email you.

Apache Sling Cms

Exploit Probability

EPSS

1.83%

Percentile

82.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-1949 is a vulnerability in Apache Sling CmsPublished on April 1, 2020

Products Associated with CVE-2020-1949

Exploit Probability

CVE-2020-1949 is a vulnerability in Apache Sling Cms
Published on April 1, 2020