CyberSec.Space Logo
Back to CVE Browser

CVE-2020-37014

MEDIUM
6.4
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile24.22th
PublishedJan 30, 2026
Last ModifiedApr 15, 2026

Vulnerability Description

Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user interfaces.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

πŸ”— https://www.exploit-db.com/exploits/48466
πŸ”— https://www.tryton.org/
πŸ”— https://www.tryton.org/download
πŸ”— https://www.vulncheck.com/advisories/tryton-persistent-cross-site-scripting
πŸ”— https://www.vulnerability-lab.com/get_content.php?id=2233

Related Vulnerabilities

CVE-2020-1375310.0

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOC...

CVE-2020-1470110.0

Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). The supported ...

CVE-2020-628710.0

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which...

CVE-2020-735610.0

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in w...

CVE-2020-37014 Detail & Impact Analysis | CVSS 6.4 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space