CVE-2020-28150

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.0970%

EPSS Percentile42.52th

PublishedMar 9, 2021

Last ModifiedNov 21, 2024

Vulnerability Description

I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect.

Affected Platforms (CPE)

📦

Inetsoftware

I Net Clear Reports

= 20.10.136

References & Advisories

🔗 https://c41nc.co.uk/?page_id=85

Related Vulnerabilities

CVE-2020-126849.8

XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML in...

CVE-2020-114319.1

The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthen...

CVE-2021-471037.8

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk->sk_rx_dst to RCU rules syzbot report...

CVE-2026-232555.5

In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwe...