Security Advisory

CVE-2020-37087

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-03 22:09:48

Last updated 2026-02-04 14:52:11

Assigner VulnCheck

State PUBLISHED

Description

Easy Transfer Wifi Transfer v1.7 for iOS contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts by manipulating the oldPath, newPath, and path parameters in Create Folder and Move/Edit functions. Attackers can exploit improper input validation via POST requests to execute arbitrary JavaScript in the context of the mobile web application.

← Browse all CVEs View on cve.org ↗