CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10227

A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.5%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://sourceforge.net/projects/vtecrm/
https://vtenext.com/en/
https://www.exploit-db.com/exploits/48804
https://sourceforge.net/projects/vtecrm/
https://vtenext.com/en/
https://www.exploit-db.com/exploits/48804

Products affected by CVE-2020-10227

Vtenext » Vtenext » Version: 19

cpe:2.3:a:vtenext:vtenext:19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10227

Products

Pricing

Contact Us