CVE-2020-20982
Description
Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.
NVD
Severity: CRITICAL
CVE ID: CVE-2020-20982
CVSS Score: 9.6
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2020-20982
Refrence: Project Discovery GitHub