Security Advisory

CVE-2020-13655

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-31 14:19:03
Last updated 2024-08-04 12:25:16
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected.