CVE-2020-9447

There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a website, and perform other malicious activities like phishing or drive-by hacking.
Configurations

Configuration 1

cpe:2.3:a:gwtupload_project:gwtupload:1.0.3:*:*:*:*:*:*:*

Information

Published : 2020-02-28 04:15

Updated : 2021-12-21 12:53


NVD link : CVE-2020-9447

Mitre link : CVE-2020-9447

Products Affected
No products.
CWE