2 matches found
CVE-2020-8985
ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality...
CVE-2020-8985
ZendTo (web-based file transfer) prior to version 5.22-2 Beta contains a vulnerability in the unlock.tpl unlock user functionality allowing reflected XSS and CSRF. Root cause details are not provided beyond the described vectors. Impact is stated as enabling client-side script execution and cross...