CVE-2020-15788

2020-09-09T19:15:00
ID CVE-2020-15788
Type cve
Reporter cve@mitre.org
Modified 2020-09-14T20:38:00

Description

A vulnerability has been identified in Polarion Subversion Webclient (All versions). The Polarion subversion web application does not filter user input in a way that prevents Cross-Site Scripting. If a user is enticed into passing specially crafted, malicious input to the web client (e.g. by clicking on a malicious URL with embedded JavaScript), then JavaScript code can be returned and may then be executed by the user’s client. Various actions could be triggered by running malicious JavaScript code.