CVE-2020-13133
Tufin SecureChange (prior to R19.3 HF3 and R20-1 HF1) is vulnerable to stored XSS. Exploitation requires admin privileges to store the payload, and can be triggered by unauthenticated users. Affected TOS deployments include all versions before the cited fixes. Remediation: upgrade to R19.3 HF3 or...