CVE-2020-24708

CVE-2020-24708

EPSS 0.6%

Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/gophish/gophish/commit/90fed5a575628b89eaf941e1627b49e0f3693812 https://herolab.usd.de/security-advisories/usd-2020-0048/