HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2020-12-18T21:14:49
Updated: 2024-08-04T07:52:20.921Z
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-4080
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-18T22:15:12.590
Modified: 2024-11-21T05:32:16.050
Link: CVE-2020-4080
Redhat
No data.