Lucene search

K

GoogleOSV:CVE-2020-35707

HistoryDec 25, 2020 - 6:15 a.m.

CVE-2020-35707

2020-12-2506:15:14

Google

osv.dev

6

daybyday software security stored-xss cve-2020-35707 company-name new-client-screen

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

21.4%

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen.

References

github.com/Bottelet/DaybydayCRM/releases

tufangungor.github.io/exploit/2020/12/12/daybydaycrm-2.1.0-multiple-stored-xss.html

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

21.4%

Related for OSV:CVE-2020-35707

nvd1 prion1 cvelist1 cve1