2 matches found
CVE-2020-28945
OX App Suite, affected versions 7.10.4 and earlier, contains a frontend XSS vulnerability (CVE-2020-28945) introduced by improper handling of crafted content in a Notes item, enabling script execution in a user’s browser context when search results return malicious data. The issue affects the web...
CVE-2020-28945
OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as !http://onerror=Function.constructor, in a Notes item...