CVE-2015-20116 in RealtyScriptИнформация

Сводка

по MITRE • 16.03.2026

Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize CSV file uploads, allowing attackers to inject malicious scripts through filename parameters in multipart form data. Attackers can upload files with XSS payloads in the filename field to execute arbitrary JavaScript in users' browsers when the file is processed or displayed.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

15.03.2026

Раскрытие

16.03.2026

Модерация

принято

Вход

VDB-351162

CPE

готов

CWE

CWE-79 (Подтверждённый)

Эксплойт

Скачать

CVSS

6.1 (NVD)

EPSS

0.00051

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-20116
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-20116
CVE Details	https://www.cvedetails.com/cve/CVE-2015-20116/

◂ Предыдущий Обзор Далее ▸

Do you need the next level of professionalism?

Upgrade your account now!