Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2020-13168

Published: 02/10/2020 Updated: 08/10/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Sysaid

Vulnerability Summary

SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sysaid sysaid on-premises 5.0

sysaid sysaid on-premises 5.5.06

sysaid sysaid on-premises 5.6

sysaid sysaid on-premises 6.0.9

sysaid sysaid on-premises 6.5

sysaid sysaid on-premises 7.0

sysaid sysaid on-premises 7.5

sysaid sysaid on-premises 8.0

sysaid sysaid on-premises 8.1

sysaid sysaid on-premises 8.5

sysaid sysaid on-premises 9.0.10

sysaid sysaid on-premises 9.0.30

sysaid sysaid on-premises 9.0.40

sysaid sysaid on-premises 9.0.52

sysaid sysaid on-premises 9.0.53

sysaid sysaid on-premises 9.1.0

sysaid sysaid on-premises 14.1

sysaid sysaid on-premises 14.2

sysaid sysaid on-premises 14.3

sysaid sysaid on-premises 14.4.00

sysaid sysaid on-premises 14.4.1

sysaid sysaid on-premises 14.4.2

sysaid sysaid on-premises 14.4.3

sysaid sysaid on-premises 15.1.20

sysaid sysaid on-premises 15.1.30

sysaid sysaid on-premises 15.1.50

sysaid sysaid on-premises 15.1.70

sysaid sysaid on-premises 15.2.03

sysaid sysaid on-premises 15.2.04

sysaid sysaid on-premises 15.2.05

sysaid sysaid on-premises 16.3.16

sysaid sysaid on-premises 16.3.17

sysaid sysaid on-premises 17.2.03

sysaid sysaid on-premises 17.3.57

sysaid sysaid on-premises 18.1.54

sysaid sysaid on-premises 19.2

sysaid sysaid on-premises 19.4

sysaid sysaidsy on-premises 20.1.11

References

CWE-79https://github.com/lodestone-security/CVEs/tree/master/CVE-2020-13168https://www.sysaid.com/product/on-premise/latest-releasehttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-47626CVE-2024-3400physicalCVE-2024-31426CVE-2024-22423CVE-2024-22438injectlocal usersCVE-2024-3797
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook