Rukovoditel Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-21732 - Vulnerability Database

Rukovoditel

Rukovoditel Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-21732

Medium

Reference: CVE-2020-21732

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-21732

Title: Rukovoditel Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS). An attacker can add JavaScript code to the filename.