CVE-2020-13247
BooleBox Secure File Sharing Utility (before 4.2.3.0) is affected by two CVEs in the dataset: CVE-2020-13247 enables CSV injection via a crafted username exported from activity logs in Audit Area; CVE-2020-13248 enables stored XSS via a crafted avatar field in My Account JSON data to Account.aspx...