CVE-2020-29072
25.11.2020, 03:15
A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. This client-side attack requires user interaction (opening a link) and successful exploitation could lead to encrypted e-mail content leakage via messages/sent?format=js and popup?format=js.Enginsight
| Vendor | Product | Version |
|---|---|---|
| liquidfiles | liquidfiles | 𝑥 < 3.3.19 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration