← volver
CVE-2020-13655

CVE-2020-13655

EPSS 0.7%
An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://sisl.lab.uic.edu/projects/chess/cross-site-scripting-in-collabtive/http://www.collabtive.o-dyn.de/blog/