CVE-2019-20008

Published December 26th, 2019

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

In Archery before 1.3, inserting an XSS payload into a project name (either by creating a new project or editing an existing one) will result in stored XSS on the vulnerability-scan scheduling page.

archerysec/archerysec

ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

GitHub

2.46K