SEC Consult SA-20201012-0 :: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload in Sage DPW

Posted by SEC Consult Vulnerability Lab on Oct 12

SEC Consult Vulnerability Lab Security Advisory < 20201012-0 >
=======================================================================
title: Reflected Cross-Site Scripting and Unauthenticated
Malicious File Upload
product: Sage DPW
vulnerable version: 2020_06_000 & 2020_06_001
fixed version: 2020_06_002
CVE number: CVE-2020-26583 & CVE-2020-26584
impact:…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source