Security Advisory
CVE-2020-28930
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A Cross-Site Scripting (XSS) issue in the update user and delete user functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.