Vulnerability CVE-2020-35706

Vulnerability CVE-2020-35706

Published: 2020-12-25

Description:

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
3.5/10	2.9/10	6.8/10

Affected software
Daybydaycrm -> Daybyday

https://github.com/Bottelet/DaybydayCRM/releases

https://tufangungor.github.io/exploit/2020/12/12/daybydaycrm-2.1.0-multiple-stored-xss.html