Vulnerabilities

CVE-2020-13655

by Fred · 31/08/2020

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected.

Date published : 2020-08-31

http://www.collabtive.o-dyn.de/blog/

https://sisl.lab.uic.edu/projects/chess/cross-site-scripting-in-collabtive/

Similar

Tags: Cybersecurity Alert