CVE-2020-37022 | OpenZ ERP up to 3.6.60 Employee name/description cross site scripting (Exploit 48450)

Inserito da Angelo Barbosa | Gen 30, 2026 | CVE

A vulnerability classified as problematic was found in OpenZ ERP up to 3.6.60. Affected is an unknown function of the component Employee Module. The manipulation of the argument name/description results in cross site scripting.

This vulnerability was named CVE-2020-37022. The attack may be performed from remote. In addition, an exploit is available.

CVE-2020-37022 | OpenZ ERP up to 3.6.60 Employee name/description cross site scripting (Exploit 48450)

Post correlati

CVE-2024-53731 | Fintelligence Calculator Plugin up to 1.0.3 on WordPress cross site scripting

CVE-2025-67082 | InvoicePlane up to 1.6.3 maxQuantity/minQuantity sql injection

CVE-2025-15012 | code-projects Refugee Food Management System 1.0 /home/home.php a sql injection

CVE-2024-23928 | Pioneer DMH-WT7600NEX Telematics certificate validation (ZDI-24-1045)