CVE-2020-9055

Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, session cookie hijacking, or information disclosure.
References
Link Resource
https://kb.cert.org/vuls/id/962085/ Third Party Advisory US Government Resource
https://csp.poha.com/lynx/ Permissions Required
Configurations

Configuration 1

cpe:2.3:a:versiant:lynx_customer_service_portal:3.5.2:*:*:*:*:*:*:*

Information

Published : 2020-03-30 10:15

Updated : 2020-04-01 06:27


NVD link : CVE-2020-9055

Mitre link : CVE-2020-9055

Products Affected
No products.
CWE