CVE-2020-7841

Summary

Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://

Affected Software

VendorProductVersion RangeStatus
TOBESOFTXPLATFORM XPlatformLib922.dll9.2.2.250 < 9.2.2.250(2019-08-27)affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References