CVE-2020-12853

CVE-2020-12853

EPSS 0.8%

Pydio Cells 2.0.4 allows XSS. A malicious user can either upload or create a new file that contains potentially malicious HTML and JavaScript code to personal folders or accessible cells.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/158002/Pydio-Cells-2.0.4-XSS-File-Write-Code-Execution.html https://www.coresecurity.com/core-labs/advisories/pydio-cells-204-multiple-vulnerabilities