2 matches found
CVE-2020-35986
A stored cross site scripting XSS vulnerability in the 'Users Access Groups' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
CVE-2020-35986
The connected Nuclei template and multiple references confirm CVE-2020-35986 is a stored XSS in the Rukovoditel Web App (version