CVE-2019-20003

Name of the Vulnerable Software and Affected Versions Feldtech easescreen Crystal version 9.0 Web-Services 9.0.1.16265

Description The issue allows for Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends a crafted string for FTP authentication, potentially affecting the security of the system.

Recommendations For version 9.0 Web-Services 9.0.1.16265, consider disabling the Debug-Log and Display-Log components as a temporary workaround until a patch is available. Restrict access to FTP authentication to minimize the risk of exploitation.