Stored XSS Vulnerability in Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 via Debug-Log and Display-Log Components

Stored XSS Vulnerability in Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 via Debug-Log and Display-Log Components

CVE-2019-20003 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends an crafted string for FTP authentication.

Learn more about our Web App Pen Testing.