DOM-Based XSS Vulnerability in TopManage OLK 2020

DOM-Based XSS Vulnerability in TopManage OLK 2020

CVE-2020-6845 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack.

Learn more about our User Device Pen Test.