Security Advisory

CVE-2019-20151

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-20 12:36:21

Last updated 2024-08-05 02:39:09

Assigner mitre

State PUBLISHED

Description

An XSS issue was discovered in TreasuryXpress 19191105. Due to the lack of filtering and sanitization of user input, malicious JavaScript can be executed by the applications administrator(s). A malicious payload can be injected within the Multi Approval security component and inserted via the Note field. As a result, the payload is executed by the applications administrator(s).

← Browse all CVEs View on cve.org ↗