CVE-2020-13893 – Multiple stored cross-site scripting (XSS) vulnerabilities in Sage EasyPay 10.7.5.10 allow …

18 October 2020

Vuln ID: CVE-2020-13893

Published: 2020-10-18 19:15:12Z

Description: Multiple stored cross-site scripting (XSS) vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations (Best-fit Mapping), as demonstrated by the full-width variants of the less-than sign (%EF%BC%9C) and greater-than sign (%EF%BC%9E).

Source: NVD.NIST.GOV

Date:

18 October 2020

Categorie(s):

NVD

Tag(s):

NVD

AI set to play key role in future phishing attacks24 April 2024
Cybersecurity jobs available right now: April 24, 202424 April 2024
The relationship between cybersecurity and work tech innovation24 April 2024
eBook: Cloud security skills24 April 2024
TensorFlow AI models at risk due to Keras API flaw23 April 2024