MEDIUM🇵🇱 Wersja polska

CVE-2020-21731

CVSS 6.1v3.1pub. 2020-09-14upd. 2026-07-05

Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Gazie Project Gazie

    APP
    Gazie Project
    7.29
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2020-12743CRITICAL9.8ten sam produkt

An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way...