CVE-2019-12311

Name of the Vulnerable Software and Affected Versions Sandline Centraleyezer (On Premises) (affected versions not specified)

Description The issue allows for Unrestricted File Upload, leading to Stored XSS. This means an HTML page running a script could be uploaded to the server. When a victim attempts to download a CISO Report template, the script is loaded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.