Salesforce · Sales Force Assistant · CVE-2020-5570
**Name of the Vulnerable Software and Affected Versions**
Sales Force Assistant versions 11.2.48 and earlier
**Description**
The issue allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors, which can lead to cross-site scripting.
**Recommendations**
For versions 11.2.48 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.