Alsong · Alsong · CVE-2020-7809
**Name of the Vulnerable Software and Affected Versions**
ALSong versions 3.46 and earlier
**Description**
The issue is caused by improper validation of user input, leading to a Document Object Model (DOM) based cross-site scripting vulnerability. A remote attacker could exploit this by tricking the victim into opening an ALSong Album (sab) file.
**Recommendations**
For ALSong versions 3.46 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.