Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2020-8960

Published: 20/02/2020 Updated: 01/01/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Westerndigital

Vulnerability Summary

Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

westerndigital mycloud.com

Github Repositories

https://github.com/fruh/security-bulletins

Security bulletins Date ID Subject Affected versions 2021 January 19 WDC-21001 Reflected XSS in WD My Cloud, My Cloud Home and SanDisk ibi <,4130) 2020 February 21 WDC-20003, CVE-2020-8960 Reflected DOM-based XSS <,220-134) 2019 December 18 N/A Resilio Sync security issue in the Sync WebUI <,264) 2019 November 30 CVE-2019-12417 Apache Air

References

CWE-79https://support.wdc.com/downloads.aspx?g=907&lang=en#downloadshttps://www.westerndigital.com/support/productsecurity/wdc-20003-mycloud-xss-vulnerabilityhttps://www.westerndigital.com/support/productsecurity/wdc-20003-mycloud-site-version-2-2-0-134https://nvd.nist.govhttps://github.com/fruh/security-bulletins
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook