Secure File Sharing Utility
by BooleBox
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-13247 | 0.00 | — | 0.01 | Jun 24, 2020 | BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. | |||
| CVE-2020-13248 | 0.00 | — | 0.00 | Jun 24, 2020 | BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. |
- CVE-2020-13247Jun 24, 2020risk 0.00cvss —epss 0.01
BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area.
- CVE-2020-13248Jun 24, 2020risk 0.00cvss —epss 0.00
BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx.