CVE-2020-28930

Publication date

2020-12-16 20:26:33

Family

mitre

State

PUBLISHED

Description

A Cross-Site Scripting (XSS) issue in the update user and delete user functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.