2 matches found
CVE-2020-28930
A Cross-Site Scripting XSS issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 21.0.11 allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator...
CVE-2020-28930
CVE-2020-28930 is an XSS flaw in EPSON EPS TSE Server 8 (21.0.11) affecting the settings/users.php “update user” and “delete user” paths. An authenticated attacker can inject JavaScript on the user management page that is executed by an administrator. The CVSSv3.1 base score is 5.4 (AV:N/AC:L/PR:...