mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
706 B
706 B
CVE-2020-35418
Description
Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file.
POC
Reference
- https://fatihhcelik.blogspot.com/2020/12/group-office-crm-stored-xss-via-svg-file.html
- https://fatihhcelik.blogspot.com/2020/12/group-office-crm-stored-xss-via-svg-file.html
Github
No PoCs found on GitHub currently.