3 matches found
CVE-2020-28647
In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser XSS...
CVE-2020-28647
In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser XSS...
CVE-2020-28647
MOVEit Transfer (pre-2020.1) is affected by a stored XSS vulnerability: a malicious payload crafted by an attacker can be stored in the app and, when a user interacts with it, execute arbitrary code in the victim’s browser. Public advisories and a GitHub exploit example describe the existence of ...