CVE-2020-35740
7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Summary
HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HGiga | MailSherlock MSR45/SSR45 | unspecified < 120 | affected |
| HGiga | MailSherlock MSR45/SSR45 | unspecified < 133 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.