Zurück zur CVE-Übersicht
CVE-2020-28857
MEDIUM(6.1)CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Risk Signal Score16/100 — NIEDRIG
- CVSS 6.1 — Mittel
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
6.1
Technische Schwere
Beschreibung
OpenAsset Digital Asset Management (DAM) through 12.0.19, does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks.
Referenzen
- http://packetstormsecurity.com/files/160455/OpenAsset-Digital-Asset-Management-C...
- http://seclists.org/fulldisclosure/2020/Dec/18
- https://www.themissinglink.com.au/security-advisories-cve-2020-28857
- http://openasset.com
- http://packetstormsecurity.com/files/160455/OpenAsset-Digital-Asset-Management-C...
- http://seclists.org/fulldisclosure/2020/Dec/18
- https://www.themissinglink.com.au/security-advisories-cve-2020-28857