Multiple persistent cross site scripting vulnerabilities in FICO Origination Manager Decision Module version 481 allow an attacker to execute code in the context of the victim's browser using a crafted payload Additionally, an attacker with initial access to the application, can get the JSESSIONID cookie of another user and take over their sessi ...