CVE-2020-9299

EUVD-2020-30123
There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
netflixdispatch
𝑥
< 20201106
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Netflix/dispatch/releases/tag/v20201106
https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-004.md
https://github.com/Netflix/dispatch/releases/tag/v20201106
https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-004.md