CVE-2020-13134 – Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The succ …

20 January 2021

Vuln ID: CVE-2020-13134

Published: 2021-01-20 02:15:13Z

Description: Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The successful exploitation requires admin privileges (for storing the XSS payload itself), and can exploit (be triggered by) admin users. All TOS versions with SecureChange deployments prior to R19.3 HF3 and R20-1 HF1 are affected. Vulnerabilities were fixed in R19.3 HF3 and R20-1 HF1.

Source: NVD.NIST.GOV

Date:

20 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites23 April 2024
Trellix Email Security for Microsoft Office 365 improves email defense23 April 2024
Russian APT28 Group in New “GooseEgg” Hacking Campaign23 April 2024
The multitenant dilemma: Gaining more control over user access without compromising data isolation23 April 2024
Hacker Offers Upto $300 To Mobile Networks Staff For Illegal SIM Swaps23 April 2024