CVE-2020-12530

CVSS 4.3 MEDIUMEPSS 0.6%CWE-79

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Produtos afetados

MB connect line · mbCONNECT24 MB connect line · mymbCONNECT24

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cert.vde.com/de-de/advisories/vde-2021-003