Vulnerabilities > Boxbilling > Boxbilling > 4.21
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-28 | CVE-2020-23647 | Cross-site Scripting vulnerability in Boxbilling Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form. | 6.1 |