A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated malicious user to inject a JavaScript payload in the user management page that is executed by an administrator.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
epson eps_tse_server_8_firmware 21.0.11 |