Arbitrary Code Execution Vulnerability in BigFix Self-Service Application (SSA)

Arbitrary Code Execution Vulnerability in BigFix Self-Service Application (SSA)

CVE-2019-4301 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.

Learn more about our Web Application Penetration Testing UK.