CVE-2019-7671

Name of the Vulnerable Software and Affected Versions Prima Systems FlexAir versions 2.3.38 and prior

Description The issue arises from parameters sent to scripts not being properly sanitized before being returned to the user. This may allow an attacker to execute arbitrary code in a user’s browser session in the context of an affected site.

Recommendations For versions 2.3.38 and prior, update to a version later than 2.3.38 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this issue.