Vulnerabilities

CVE-2020-28930

by Fred · 16/12/2020

A Cross-Site Scripting (XSS) issue in the ‘update user’ and ‘delete user’ functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.

Date published : 2020-12-16

https://blog.bssi.fr/multiple-vulnerabilities-within-epson-eps-tse-server-8/#vulnerability-2

Similar

Tags: Cybersecurity Alert