Vulnerability Details CVE-2020-9055
Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, session cookie hijacking, or information disclosure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.6%
CVSS Severity
CVSS v3 Score 3.9
CVSS v2 Score 3.5
References
Products affected by CVE-2020-9055
-
cpe:2.3:a:versiant:lynx_customer_service_portal:3.5.2