CVE-2020-5393
In Appspace On-Prem through 7.1.3, an adversary can steal a session token via XSS.
Date published : 2020-01-07
https://docs.appspace.com/latest/release-notes/7-1-platform-release-notes/#Patch_Updates
https://sumukh30.blogspot.com/2020/01/cross-site-scripting-vulnerability-in.html