CVE-2020-28849

Published: 2023-08-11T14:15Z

Last Modified: 2024-11-21T05:23Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt