Security Advisory
CVE-2020-28047
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
AudimexEE before 14.1.1 is vulnerable to Reflected XSS (Cross-Site-Scripting). If the recommended security configuration parameter "unique_error_numbers" is not set, remote attackers can inject arbitrary web script or HTML via action, cargo, panel parameters that can lead to data leakage.