CVE-2020-3939

Description

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Cross-Site Scripting(XSS), personal information may be leaked to attackers via the vulnerability.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

Changing / Syuan-Gu-Da-Shih0 – 20191223

References

MISChttps://tvn.twcert.org.tw/taiwanvn/TVN-201910015
MISChttps://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215