Haulmont · Cuba Platform · CVE-2018-20663
Name of the Vulnerable Software and Affected Versions:
CUBA Platform versions prior to 6.10.x
The Reporting Addon (aka Reports Addon) versions through 2019-01-02
Description:
A persistent (stored) XSS vulnerability that can be exploited via the `name` field in the "Reports > Reports" section.
Recommendations:
For the Reporting Addon (aka Reports Addon) versions through 2019-01-02, consider restricting access to the `name` field in the "Reports > Reports" section until a fix is available.
For CUBA Platform versions prior to 6.10.x, update to a version that includes the fix for this issue.