Vulnerabilities > Boxbilling

DATE CVE VULNERABILITY TITLE RISK
2023-04-28 CVE-2020-23647 Cross-site Scripting vulnerability in Boxbilling
Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form.
network
low complexity
boxbilling CWE-79
6.1
2022-10-17 CVE-2022-3552 Unspecified vulnerability in Boxbilling
Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1.
network
low complexity
boxbilling
7.2