VYPR
Unrated severityNVD Advisory· Published Aug 31, 2020· Updated Aug 4, 2024

CVE-2020-13655

CVE-2020-13655

Description

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.