CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10509

Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.4%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71
https://www.twcert.org.tw/tw/cp-132-3449-c87d8-1.html
https://www.chtsecurity.com/news/30772cf1-2e7e-4afe-9282-b5a196b22e71
https://www.twcert.org.tw/tw/cp-132-3449-c87d8-1.html

Products affected by CVE-2020-10509

Sun » Ehrd » Version: 8.0

cpe:2.3:a:sun:ehrd:8.0
Sun » Ehrd » Version: 9.0

cpe:2.3:a:sun:ehrd:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10509

Products

Pricing

Contact Us