← back
CVE-2020-15952

CVE-2020-15952

EPSS 1.5%
Immuta v2.8.2 is affected by stored XSS that allows a low-privileged user to escalate privileges to administrative permissions. Additionally, unauthenticated attackers can phish unauthenticated Immuta users to steal credentials or force actions on authenticated users through reflected, DOM-based XSS.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://labs.bishopfox.com/advisorieshttps://labs.bishopfox.com/advisories/immuta-version-2.8.2https://www.immuta.com/