CVE-2020-36495

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt