CVE-2020-28927

EPSS 0.24% · P47 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-28927

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Magicpin 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Magicpin是印度Magicpin公司的一个用于探索周边热门生活服务的Web平台。该平台主要为用户提供促销打折活动、内容变更、商家动态等信息以及社交功能搜索、发现周边商户和餐厅、积分兑换等服务。 Magicpin v2.1版本存在跨站脚本漏洞，该漏洞源于用户注册部分中有一个存储的XSS。每当管理员从管理面板访问manage user部分时，XSS就会触发，攻击者可利用该漏洞就能够根据精心设计的有效负载窃取cookie。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-28927

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-28927

请登录查看更多情报信息。

https://akshayj0111.medium.com/cve-2020-28927-6f64c25239bbx_refsource_MISC
https://magicpin.inx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-28927

Same Patch Batch · n/a · 2020-11-23 · 32 CVEs total

CVE-2020-7777	7.2 HIGH	Arbitrary Code Execution
CVE-2020-28864		Winscp 缓冲区错误漏洞
CVE-2020-0569		Intel PROSet/Wireless WiFi Software 缓冲区错误漏洞
CVE-2020-28053		Hashicorp HashiCorp Consul 安全漏洞
CVE-2020-27985		Security Onion Solutions Security Onion 安全漏洞
CVE-2020-28421		Broadcom CA Unified Infrastructure Management 安全漏洞
CVE-2019-14553		EDK2 授权问题漏洞
CVE-2019-14559		EDK2 资源管理错误漏洞
CVE-2019-14562		EDK2 输入验证错误漏洞
CVE-2019-14563		EDK2 输入验证错误漏洞
CVE-2019-14575		EDK2 安全漏洞
CVE-2019-14586		EDK2 资源管理错误漏洞
CVE-2019-14587		EDK2 安全漏洞
CVE-2020-12351		Linux kernel 输入验证错误漏洞
CVE-2020-12352		Linux kernel 信息泄露漏洞
CVE-2020-6939		Tableau Software Server 授权问题漏洞
CVE-2020-28984		SPIP 安全漏洞
CVE-2020-28896		Mutt和NeoMutt 安全漏洞
CVE-2020-15436		Linux kernel 资源管理错误漏洞
CVE-2020-15437		Linux kernel 代码问题漏洞

Showing top 20 of 32 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-28927

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-28927

I. Basic Information for CVE-2020-28927

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-28927

III. Intelligence Information for CVE-2020-28927

Same Patch Batch · n/a · 2020-11-23 · 32 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-28927

Leave a comment