Published: 22/07/2021 Updated: 02/08/2021
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. The ‘First name’, ‘Last name’, and ‘Email’ fields within the ‘Edit User’ page is vulnerable to a stored XSS sequence.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sage syracuse

Recent Articles

Critical Sage X3 RCE Bug Allows Full System Takeovers
Threatpost • Tara Seals • 07 Jul 2021

Four vulnerabilities afflict the popular Sage X3 enterprise resource planning (ERP) platform, researchers found – including one critical bug that rates 10 out of 10 on the CVSS vulnerability-severity scale. Two of the bugs could be chained together to allow complete system takeovers, with potential supply-chain ramifications, they said.
Sage X3 is targeted at mid-sized companies – particularly manufacturers and distributors – that are looking for all-in-one ERP functionality. The sys...