Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/ChurchCRM/CRM/issues/5477 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-11T00:00:00
Updated: 2024-08-04T16:40:59.809Z
Reserved: 2020-11-16T00:00:00
Link: CVE-2020-28849
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-11T14:15:11.237
Modified: 2023-08-17T01:55:09.730
Link: CVE-2020-28849
Redhat
No data.