Secure File Sharing Utility
by BooleBox
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-13247 | Hig | 0.48 | 7.3 | 0.01 | Jun 24, 2020 | BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. | ||
| CVE-2020-13248 | Med | 0.35 | 5.4 | 0.01 | Jun 24, 2020 | BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. |
- risk 0.48cvss 7.3epss 0.01
BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area.
- risk 0.35cvss 5.4epss 0.01
BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx.