O-Dyn: >> Collabtive >> 3.0 Security Vulnerabilities
An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-08-31