Vulnerability Details CVE-2020-13168
SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-13168
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.1
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.2
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.3
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.4.00
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.4.1
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.4.2
-
cpe:2.3:a:sysaid:sysaid_on-premises:14.4.3
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.1.20
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.1.30
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.1.50
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.1.70
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.2.03
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.2.04
-
cpe:2.3:a:sysaid:sysaid_on-premises:15.2.05
-
cpe:2.3:a:sysaid:sysaid_on-premises:16.3.16
-
cpe:2.3:a:sysaid:sysaid_on-premises:16.3.17
-
cpe:2.3:a:sysaid:sysaid_on-premises:17.2.03
-
cpe:2.3:a:sysaid:sysaid_on-premises:17.3.57
-
cpe:2.3:a:sysaid:sysaid_on-premises:18.1.54
-
cpe:2.3:a:sysaid:sysaid_on-premises:19.2
-
cpe:2.3:a:sysaid:sysaid_on-premises:19.4
-
cpe:2.3:a:sysaid:sysaid_on-premises:5.0
-
cpe:2.3:a:sysaid:sysaid_on-premises:5.5.06
-
cpe:2.3:a:sysaid:sysaid_on-premises:5.6
-
cpe:2.3:a:sysaid:sysaid_on-premises:6.0.9
-
cpe:2.3:a:sysaid:sysaid_on-premises:6.5
-
cpe:2.3:a:sysaid:sysaid_on-premises:7.0
-
cpe:2.3:a:sysaid:sysaid_on-premises:7.5
-
cpe:2.3:a:sysaid:sysaid_on-premises:8.0
-
cpe:2.3:a:sysaid:sysaid_on-premises:8.1
-
cpe:2.3:a:sysaid:sysaid_on-premises:8.5
-
cpe:2.3:a:sysaid:sysaid_on-premises:9.0.10
-
cpe:2.3:a:sysaid:sysaid_on-premises:9.0.30
-
cpe:2.3:a:sysaid:sysaid_on-premises:9.0.40
-
cpe:2.3:a:sysaid:sysaid_on-premises:9.0.52
-
cpe:2.3:a:sysaid:sysaid_on-premises:9.0.53
-
cpe:2.3:a:sysaid:sysaid_on-premises:9.1.0
-
cpe:2.3:a:sysaid:sysaidsy_on-premises:20.1.11