Lucene search

K

MitreCVELIST:CVE-2020-35707

HistoryDec 25, 2020 - 5:24 a.m.

CVE-2020-35707

2020-12-2505:24:30

mitre

www.cve.org

1

daybyday 2.1.0

stored xss

new client screen

company name parameter

EPSS

0.001

Percentile

21.4%

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen.

References

github.com/Bottelet/DaybydayCRM/releases

tufangungor.github.io/exploit/2020/12/12/daybydaycrm-2.1.0-multiple-stored-xss.html

EPSS

0.001

Percentile

21.4%

Related for CVELIST:CVE-2020-35707

nvd1 osv1 prion1 cve1