Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-23647

Disclosure Date: April 28, 2023 (last updated February 24, 2025)
Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0