4 matches found
Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version: Flexmonster Pivot Table & Charts 2.7.17 Tested on: Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20139...
CVE-2020-20139
creationtimestamp| type| source ---|---|--- 2020-12-18 02:43:27+00:00| seen| https://t.me/cibsecurity/21046 2024-11-14 06:07:33+00:00| seen| MISP/8e734b77-0b7c-4b6a-b027-d18d4bcb48e8...
CVE-2020-20139
CVE-2020-20139 is a reflected XSS vulnerability in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote JSON component under the Connect menu. The root cause is insufficient input sanitization of the 'path' parameter when fetching file specifications via file_specs.php, enabling potentia...
CVE-2020-20139
Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...