Published: 14/12/2020 Updated: 15/12/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

OpenAsset Digital Asset Management (DAM) up to and including 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for reflected cross-site scripting attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openasset digital asset management

The OpenAsset Digital Asset Management web application suffers from multiple reflected and persistent cross site scripting vulnerabilities Vulnerable versions include 12019 (Cloud) and 1121 (On-premise) ...

Full Disclosure mailing list archives   By Date By Thread </form>    Reflected cross-site scripting (XSS) in OpenAsset Digital Asset Management 1121/12019 disclosure <!--X-Subject-Hea ...

CWE-79 https://www.themissinglink.com.au/security-advisories-cve-2020-28859 http://openasset.com https://nvd.nist.gov https://packetstormsecurity.com/files/160455/OpenAsset-Digital-Asset-Management-Cross-Site-Scripting.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-28859

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect