Vulnerabilities > Boolebox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-13247 | Injection vulnerability in Boolebox BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. | 8.5 |
| 2020-06-24 | CVE-2020-13248 | Cross-site Scripting vulnerability in Boolebox BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. | 3.5 |