VYPR
Unrated severityNVD Advisory· Published Dec 16, 2020· Updated Aug 4, 2024

CVE-2020-28930

CVE-2020-28930

Description

A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.