Versant · Versiant Lynx Customer Service Portal · CVE-2020-9055
**Name of the Vulnerable Software and Affected Versions**
Versiant LYNX Customer Service Portal (CSP) version 3.5.2
**Description**
The issue allows a local, authenticated attacker to insert malicious JavaScript that is stored and displayed to the end user, potentially leading to website redirects, session cookie hijacking, or information disclosure.
**Recommendations**
For version 3.5.2, update to a version that includes a fix for the stored cross-site scripting issue to prevent malicious JavaScript from being inserted and displayed to the end user.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.