CVE-2020-8612 in Progess and Progress Products
Published on February 14, 2020
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
Products Associated with CVE-2020-8612
stack.watch emails you whenever new vulnerabilities are published in Progess Moveit Transfer or Progress Moveit Transfer. Just hit a watch button to start following.
Exploit Probability
EPSS
0.03%
Percentile
7.47%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.