Security Advisory

CVE-2020-28365

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-30 18:17:10

Last updated 2024-08-04 16:33:59

Assigner mitre

State PUBLISHED

Description

Sentrifugo 3.2 allows Stored Cross-Site Scripting (XSS) vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

← Browse all CVEs View on cve.org ↗