Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-9390

Disclosure Date: February 03, 2021 (last updated February 22, 2025)
SquaredUp allowed Stored XSS before version 4.6.0. A user was able to create a dashboard that executed malicious content in iframe or by uploading an SVG that contained a script.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0