XSS Vulnerability in MB connect line mymbCONNECT24 and mbCONNECT24 Software

XSS Vulnerability in MB connect line mymbCONNECT24 and mbCONNECT24 Software

CVE-2020-12530 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter.

Learn more about our Web Application Penetration Testing UK.