4 matches found
CVE-2020-20142
The provided connected sources confirm CVE-2020-20142 affects Flexmonster Pivot Table & Charts 2.7.17, specifically the "+To Remote CSV" component under the Open menu. The root cause is a reflected XSS due to insufficient input sanitization of the 'path' parameter when fetching file specification...
CVE-2020-20139
CVE-2020-20139 is a reflected XSS vulnerability in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote JSON component under the Connect menu. The root cause is insufficient input sanitization of the 'path' parameter when fetching file specifications via file_specs.php, enabling potentia...
CVE-2020-20140
CVE-2020-20140 is a reflected XSS in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote Report component under the Open menu. Exploit details indicate the issue stems from insufficient input sanitization of the 'path' parameter in file_specs.php, enabling payload execution. Affected pr...
CVE-2020-20141
CVE-2020-20141 is a Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component under the Connect menu of Flexmonster Pivot Table & Charts 2.7.17. The Reflected XSS stems from insufficient input sanitization of the 'path' parameter when fetching file specifications (file_specs.php). ...