4 matches found
CVE-2020-35706
Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen...
CVE-2020-35706
creationtimestamp| type| source ---|---|--- 2020-12-25 12:55:49+00:00| seen| https://t.me/cibsecurity/21301...
CVE-2020-35706
Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen...
CVE-2020-35706
CVE-2020-35706 affects Daybyday 2.1.0. The vulnerability is a stored XSS in the Title parameter of the New Project screen. The root cause is improper handling/sanitization of user-supplied input for that field, enabling injected scripts to persist and potentially execute in contexts where the pro...