CVE-2020-7841
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TOBESOFT | XPLATFORM XPlatformLib922.dll | 9.2.2.250 < 9.2.2.250(2019-08-27) | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.