CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-24924

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies >> action >> Name Parameter

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://github.com/sooraj24/new/blob/master/XSS%20in%20ElkarBackup
https://vyshnavvizz.blogspot.com/2020/09/stored-cross-site-scripting-in.html
https://www.elkarbackup.org/
https://github.com/sooraj24/new/blob/master/XSS%20in%20ElkarBackup
https://vyshnavvizz.blogspot.com/2020/09/stored-cross-site-scripting-in.html
https://www.elkarbackup.org/

Products affected by CVE-2020-24924

Elkarbackup » Elkarbackup » Version: 1.3.3

cpe:2.3:a:elkarbackup:elkarbackup:1.3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24924

Products

Pricing

Contact Us