Lucene search

CVE-2020-29072

🗓️ 25 Nov 2020 03:11:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 63 Views🌐 WEB

Cross-Site Script Inclusion vulnerability in LiquidFiles before 3.3.19

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2020-29072	25 Nov 202003:15	–	nvd
Cvelist	CVE-2020-29072	25 Nov 202002:47	–	cvelist
RedhatCVE	CVE-2020-29072	22 May 202516:36	–	redhatcve
CNVD	LiquidFiles Cross-Site Script Inclusion Vulnerability	26 Nov 202000:00	–	cnvd
Prion	Cross site scripting	25 Nov 202003:15	–	prion

Nvd

Node

liquidfiles liquidfilesRange<3.3.19

Source	Link
lean0x2f	www.lean0x2f.github.io/liquidfiles_advisory
man	www.man.liquidfiles.com/release_notes/version_3-3-x.html

Parameter	Position	Path	Description	CWE
format	query param	messages/sent	Cross-Site Script Inclusion vulnerability allowing for leakage of encrypted email content.	CWE-829
format	query param	popup	Cross-Site Script Inclusion vulnerability allowing for leakage of encrypted email content.	CWE-829

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Nov 2020 03:15Current

6Medium risk

Vulners AI Score6

CVSS24.3

CVSS36.1

EPSS0.00243

CWE-829