Lucene search
MitreCVELIST:CVE-2020-9447HistoryFeb 28, 2020 - 3:07 p.m.
CVE-2020-9447
2020-02-2815:07:46
mitre
www.cve.org
3
EPSS
0.001
Percentile
47.8%
There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a website, and perform other malicious activities like phishing or drive-by hacking.
Related
osv
osv
Cross-site Scripting in GwtUpload
2021-04-22 16:15:33
CVE-2020-9447
2020-02-28 16:15:11
prion
prion
Cross site scripting
2020-02-28 16:15:00
veracode
veracode
Cross-site Scripting (XSS)
2020-03-02 09:19:26
Cross-site Scripting (XSS)
2021-04-23 03:41:09
coresecurity
coresecurity
GWTUpload XSS in the File Upload Functionality
2020-03-04 00:00:00
github
github
Cross-site Scripting in GwtUpload
2021-04-22 16:15:33
nvd
nvd
CVE-2020-9447
2020-02-28 16:15:11
cve
cve
CVE-2020-9447
2020-02-28 16:15:11