Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2020-13247

Disclosure Date: June 24, 2020 (last updated February 21, 2025)
BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area.
Attack Vector: LocalPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-13248

Disclosure Date: June 24, 2020 (last updated February 21, 2025)
BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0