2 matches found
CVE-2020-6956
PCS DEXICON 3.4.1 allows XSS via the loginName parameter in loginaction.jsp...
CVE-2020-6956
CVE-2020-6956 concerns PCS DEXICON 3.4.1, where a Cross-Site Scripting (XSS) vulnerability exists in the loginName parameter of login_action.jsp. The root cause, per CNVD, is inadequate validation of client-side data by the WEB application, enabling execution of client-side code. Documented impac...