CVE-2020-36932

Source
https://cve.org/CVERecord?id=CVE-2020-36932
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36932.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-36932
Published
2026-01-25T13:15:59.560Z
Modified
2026-07-08T20:14:41.884285Z
Severity
  • 5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
Summary
[none]
Details

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded.

References

Affected packages

Git / github.com/ciweiin/seacms

Affected ranges

Type
GIT
Repo
https://github.com/ciweiin/seacms
Events
Database specific
{
    "cpe": "cpe:2.3:a:seacms:seacms:11.1:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "11.1"
        },
        {
            "last_affected": "11.1"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

11.*
11.1
v11.*
v11.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36932.json"

Git / github.com/huaqipro/seacms

Affected ranges

Type
GIT
Repo
https://github.com/huaqipro/seacms
Events
Database specific
{
    "cpe": "cpe:2.3:a:seacms:seacms:11.1:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "11.1"
        },
        {
            "last_affected": "11.1"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

11.*
11.1
v11.*
v11.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36932.json"