{"id":"GHSA-f92p-f8r2-c87q","summary":"Tribal Systems Zenario CMS vulnerable to Cross-site Scripting","details":"A vulnerability has been found in Tribal Systems Zenario CMS prior to version 8.5.51340. Affected by this issue is some unknown functionality of the file `admin_organizer.js` of the component `Error Log Module`. The manipulation leads to cross site scripting. The attack may be launched remotely. The issue is patched in version 8.5.51340. ","aliases":["CVE-2020-36608"],"modified":"2023-11-08T04:03:48.216937Z","published":"2022-11-03T12:00:30Z","database_specific":{"severity":"MODERATE","github_reviewed":true,"cwe_ids":["CWE-79"],"github_reviewed_at":"2022-11-03T18:15:02Z","nvd_published_at":"2022-11-02T19:15:00Z"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36608"},{"type":"WEB","url":"https://github.com/TribalSystems/Zenario/commit/dfd0afacb26c3682a847bea7b49ea440b63f3baa"},{"type":"PACKAGE","url":"https://github.com/TribalSystems/Zenario"},{"type":"WEB","url":"https://vuldb.com/?id.212816"}],"affected":[{"package":{"name":"tribalsystems/zenario","ecosystem":"Packagist","purl":"pkg:composer/tribalsystems/zenario"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.5.51340"}]}],"versions":["7.5.40440","7.5.41006","7.5.41499","7.5.41633","7.5.42085","7.5.42990","7.5.47180","7.6.41504","7.6.41633","7.6.42085","7.6.42990","7.6.47180","7.7.42682","7.7.42963","7.7.42990","7.7.44223","7.7.47180","7.7.47369","7.7.48583","8.0.44237","8.0.44273","8.0.44294","8.0.44521","8.0.45032","8.0.45250","8.0.45529","8.0.47180","8.0.48583","8.1.45530","8.1.45698","8.1.46089","8.1.46433","8.1.46615","8.1.47180","8.1.47369","8.1.48583","8.2.46436","8.2.46614","8.2.47180","8.2.47369","8.2.47992","8.2.48583","8.3.47997","8.3.48583","8.3.50564","8.4.50565","8.4.51340","8.5.50567","8.5.50837"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-f92p-f8r2-c87q/GHSA-f92p-f8r2-c87q.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}