Vuln ID: CVE-2020-7390
Published: 2021-07-22 19:15:08Z
Description: Sage X3 Stored XSS Vulnerability on Ã¢â‚¬ËœEditÃ¢â‚¬â„¢ Page of User Profile. An authenticated user can pass XSS strings the "First Name," "Last Name," and "Email Address" fields of this web application component. Updates are available for on-premises versions of Version 12 (components shipped with Syracuse 12.10.0 and later) of Sage X3. Other on-premises versions of Sage X3 are unaffected or unsupported by the vendor.