CVE-2020-29072
N/A
N/A
Summary
A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. This client-side attack requires user interaction (opening a link) and successful exploitation could lead to encrypted e-mail content leakage via messages/sent?format=js and popup?format=js.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://lean0x2f.github.io/liquidfiles_advisory
- https://man.liquidfiles.com/release_notes/version_3-3-x.html
References
- https://lean0x2f.github.io/liquidfiles_advisory
- https://man.liquidfiles.com/release_notes/version_3-3-x.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.