CVE-2020-12530

Summary

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter.

Affected Software

VendorProductVersion RangeStatus
MB connect linemymbCONNECT242.6.2 <= 2.6.2affected
MB connect linembCONNECT242.6.2 <= 2.6.2affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References