Lucene search
+L
FlexmonsterPivot Table & Charts

4 matches found

CVE
CVE
added 2020/12/17 10:38 p.m.75 views

CVE-2020-20142

The provided connected sources confirm CVE-2020-20142 affects Flexmonster Pivot Table & Charts 2.7.17, specifically the "+To Remote CSV" component under the Open menu. The root cause is a reflected XSS due to insufficient input sanitization of the 'path' parameter when fetching file specification...

6.1CVSS6AI score0.01583EPSS
CVE
CVE
added 2020/12/17 10:38 p.m.73 views

CVE-2020-20139

CVE-2020-20139 is a reflected XSS vulnerability in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote JSON component under the Connect menu. The root cause is insufficient input sanitization of the 'path' parameter when fetching file specifications via file_specs.php, enabling potentia...

6.1CVSS6AI score0.01616EPSS
CVE
CVE
added 2020/12/17 10:38 p.m.73 views

CVE-2020-20140

CVE-2020-20140 is a reflected XSS in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote Report component under the Open menu. Exploit details indicate the issue stems from insufficient input sanitization of the 'path' parameter in file_specs.php, enabling payload execution. Affected pr...

6.1CVSS6AI score0.01616EPSS
CVE
CVE
added 2020/12/17 10:38 p.m.71 views

CVE-2020-20141

CVE-2020-20141 is a Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component under the Connect menu of Flexmonster Pivot Table & Charts 2.7.17. The Reflected XSS stems from insufficient input sanitization of the 'path' parameter when fetching file specifications (file_specs.php). ...

6.1CVSS5.9AI score0.01616EPSS