Design/Logic Flaw

2020-06-2420:15:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.4%

JSON

BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area.

CPENameOperatorVersion
booleboxlt4.2.3.0

CPE	Name	Operator	Version
	boolebox	lt	4.2.3.0

References

app.boolebox.com/release/vulnerabilities/CVE-2020-13247-13248.html

members.backbox.org/boolebox-secure-sharing-multiple-vulnerabilities/