Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to execute codeby injecting arbitrary web script or HTML via modifying the name of the users. The XSS is executed when an administrator access the logs.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-04-28T20:42:54

Updated: 2024-08-04T14:51:10.824Z

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-22790

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-28T21:15:08.770

Modified: 2024-11-21T05:13:25.233

Link: CVE-2020-22790

cve-icon Redhat

No data.