s4fv4n/gist:0d7a5093886cf41d9c478166e4aeec64

## gistfile1.txt
CVE ID: CVE-2020-22540

Vulnerability Title: Stored Cross-Site Scripting Vulnerability on Codoforum v4.9

Description:
Codoforum v4.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability.

Vulnerability Type:
Cross Site Scripting (XSS)

Vendor of Product:
codoforum.com

Affected Product Code Base:
Codoforum - v4.9

Affected Component:
Stored XSS in Category name in codoforum v4.9

Impact Code execution:
true

Impact Information Disclosure:
true

Attack Vectors:
Steps to reproduce:

1- First login as a admin user
2- Goto category section create a new category
3- When creating a new category give the payload <script>alert(1)</script> as Category name
4- Then save
5- Then access the home page of the forum .
6- Now you can see the popup of XSS

Discoverer:
Safvan

Reference:
http://codoforum.com
	CVE ID: CVE-2020-22540

	Vulnerability Title: Stored Cross-Site Scripting Vulnerability on Codoforum v4.9

	Description:
	Codoforum v4.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability.

	Vulnerability Type:
	Cross Site Scripting (XSS)

	Vendor of Product:
	codoforum.com

	Affected Product Code Base:
	Codoforum - v4.9

	Affected Component:
	Stored XSS in Category name in codoforum v4.9

	Impact Code execution:
	true

	Impact Information Disclosure:
	true

	Attack Vectors:
	Steps to reproduce:

	1- First login as a admin user
	2- Goto category section create a new category
	3- When creating a new category give the payload <script>alert(1)</script> as Category name
	4- Then save
	5- Then access the home page of the forum .
	6- Now you can see the popup of XSS

	Discoverer:
	Safvan

	Reference:
	http://codoforum.com