← Back

Boxbilling

boxbilling

Vendor: Boxbilling • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-23647
1Boxbilling
1Boxbilling
Jan 31, 2025
Apr 28, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form.
CVE-2022-3552
1Boxbilling
1Boxbilling
Jun 17, 2026
Oct 17, 2022
N/A· v4
7.2 HIGH· v3
N/A· v2
Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1.