CVE-2020-9390
N/A
N/A
Summary
SquaredUp allowed Stored XSS before version 4.6.0. A user was able to create a dashboard that executed malicious content in iframe or by uploading an SVG that contained a script.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://support.squaredup.com/hc/en-us/articles/360017568258
- https://support.squaredup.com/hc/en-us/articles/360019427258-CVE-2020-9390-Stored-cross-site-scripting
- https://scomsupport.squaredup.com/hc/en-us/articles/8862922003869-CVE-2020-9390-Stored-cross-site-scripting-Web-Content-and-Visio-tile-
References
- https://support.squaredup.com/hc/en-us/articles/360017568258
- https://support.squaredup.com/hc/en-us/articles/360019427258-CVE-2020-9390-Stored-cross-site-scripting
- https://scomsupport.squaredup.com/hc/en-us/articles/8862922003869-CVE-2020-9390-Stored-cross-site-scripting-Web-Content-and-Visio-tile-
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.