Описание
An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-14294
- https://github.com/patrickhener/CVE-2020-14294
- https://www.qiata.com
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-024.txt
- https://www.syss.de/pentest-blog/syss-2020-024-und-syss-2020-025-zwei-schwachstellen-in-file-transfer-loesung-von-qiata
- http://seclists.org/fulldisclosure/2020/Sep/50
EPSS
Процентиль: 69%
0.00615
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.1
nvd
больше 5 лет назад
An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
EPSS
Процентиль: 69%
0.00615
Низкий