4 matches found
CVE-2020-24708
Cross Site Scripting XSS vulnerability in Gophish before 0.11.0 via the Host field on the send profile form...
CVE-2020-24708
creationtimestamp| type| source ---|---|--- 2020-10-28 23:33:32+00:00| seen| https://t.me/cibsecurity/15702...
CVE-2020-24708
Cross Site Scripting XSS vulnerability in Gophish before 0.11.0 via the Host field on the send profile form...
CVE-2020-24708
Gophish is affected by a Cross-Site Scripting (XSS) vulnerability (CVE-2020-24708) in versions prior to 0.11.0, exploitable via the Host field on the send profile form. Root cause: improper handling of input in the Host field leading to script injection. Impact: potential script execution in the ...