CVE-2020-9448 – Authenticated Cross-Site Scripting in the Digital Guardian Management Console DeepCode reported a Cross-Site Scripting vulnerability in the Digital Guardian Management Console on 25th February 2020. The vulnerability results from a lack of input validation in the filtering feature of the “Policies & Rules” menu of the management console. Vulnerability in Filters The filtering […]
DeepCode discovered a Cross-Site Scripting (XSS) vulnerability in CLink Office via parameter injection. As of 18 January 2020, a simple Google search returned 2,500 web servers using the application, mostly in Hong Kong.