fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26609
Reference (s):
- https://github.com/BigTiger2020/Fastadmin-V1.0.0.20200506_beta
- https://github.com/BigTiger2020/Fastadmin-V1.0.0.20200506_beta/blob/main/README.md
- https://github.com/karsonzhang/fastadmin