HTML Injection Vulnerability in TAO Open Source Assessment Platform v3.3.0 RC02

CVE-2020-23050 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code.

Learn more about our External Network Penetration Testing.