CVE-2020-37018 – GOautodial 4.0 – Persistent Cross-Site Scripting

CVE ID : CVE-2020-37018

Published : Jan. 29, 2026, 2:28 p.m. | 41 minutes ago

Description : GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through message subjects. Attackers can craft messages with embedded JavaScript that will execute when an administrator reads the message, potentially stealing session cookies or executing client-side attacks.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-7714 – Time Based SQLi in Global Medya’s PHP CMS

CVE-2025-7713 – Reflected XSS in Global Medya’s PHP CMS

CVE-2026-1594 – itsourcecode Society Management System add_expenses.php sql injection

CVE-2026-1593 – itsourcecode Society Management System edit_expenses_query.php sql injection