CVE-2020-35741
7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Summary
HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HGiga | MailSherlock MSR45/SSR45 | unspecified < 120 | affected |
| HGiga | MailSherlock MSR45/SSR45 | unspecified < 133 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.