KEV Entry
CVE-2020-1943
Known Exploited Vulnerability Entry External Catalog
Entry Details
Confirmed Exploited2020-04-01 18:18 UTC
Timestamps
2020-04-01
2020-04-01
Scope
KEVIntel entry: Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07. | Affected: Apache / Apache OFBiz | Used in malware: unknown | Not yet in CISA KEV: True
References
- {'id': 'CVE-2020-1943', 'url': 'https://www.cve.org/CVERecord?id=CVE-2020-1943'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2020-1943'}
0cb65670-62ba-4a53-b607-ed084c4ec1ed
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-23 14:06 UTC
2026-06-23 14:06 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | successful_exploitation | 0.70 |
View details
|
- |