Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, session cookie hijacking, or information disclosure.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2020-03-30T20:50:27.102705Z

Updated: 2024-09-16T16:47:42.042Z

Reserved: 2020-02-18T00:00:00

Link: CVE-2020-9055

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-30T22:15:15.667

Modified: 2024-11-21T05:39:55.287

Link: CVE-2020-9055

cve-icon Redhat

No data.