CVE-2020-24924

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...

CVE-2020-24924

ElkarBackup v1.3.3 contains a persistent cross-site scripting vulnerability that can allow an attacker to steal a user session cookie. The issue is located in the Policies → action → Name parameter. Multiple connected sources (Red Hat, CNVD, NVD, CVE lists) corroborate the vulnerability as a cros...