CVE-2020-29072

A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. This client-side attack requires user interaction (opening a link) and successful exploitation could lead to encrypted e-mail content leakage via messages/sent?format=js and popup?format=js.

A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. This client-side attack requires user interaction (opening a link) and successful exploitation could lead to encrypted e-mail content leakage via messages/sent?format=js and popup?format=js.

Se encontró una vulnerabilidad de tipo Cross-Site Script Inclusion en LiquidFiles versiones anteriores a 3.3.19. Este ataque del lado del cliente requiere la interacción del usuario (abrir un enlace) y una explotación con éxito podría conllevar a una filtración del contenido de correo electrónico cifrado por medio de messajes/sent?format=js y popup?format=js