Medium severityNVD Advisory· Published Feb 3, 2026· Updated Apr 15, 2026
CVE-2020-37087
CVE-2020-37087
Description
Easy Transfer Wifi Transfer v1.7 for iOS contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts by manipulating the oldPath, newPath, and path parameters in Create Folder and Move/Edit functions. Attackers can exploit improper input validation via POST requests to execute arbitrary JavaScript in the context of the mobile web application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =1.7
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.