Unrated severityNVD Advisory· Published Dec 16, 2020· Updated Aug 4, 2024
CVE-2020-28930
CVE-2020-28930
Description
A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.
Affected products
2- EPSON/EPS TSE Serverdescription
- Range: = 21.0.11
Patches
Vulnerability mechanics
References
1- blog.bssi.fr/multiple-vulnerabilities-within-epson-eps-tse-server-8/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.