Medium severity6.1NVD Advisory· Published Sep 22, 2020· Updated Jun 17, 2026
CVE-2020-14024
CVE-2020-14024
Description
Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuration, or (4) any GET Parameter in the /default URL of the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Ozeki/NG SMS Gatewaydescription
- Range: <=4.17.6
Patches
Vulnerability mechanics
References
2- github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14024-Multiple%20XSS-Ozeki%20SMS%20GatewaynvdExploitThird Party Advisory
- www.ozeki.hu/index.phpnvdProductVendor Advisory
News mentions
0No linked articles in our index yet.