CVE-2020-15914

Name of the Vulnerable Software and Affected Versions Origin Client for Mac and PC versions 10.5.86 or earlier

Description A cross-site scripting (XSS) issue exists that could allow a remote attacker to execute arbitrary Javascript in a target user’s Origin client. This could enable access to sensitive data related to the target user’s Origin account, or control and monitoring of the Origin text chat window.

Recommendations For versions 10.5.86 or earlier, update to a version later than 10.5.86 to resolve the issue. As a temporary workaround, consider restricting the use of the Origin text chat window until a patch is available.