PT-2020-16350 · Touchbase.Ai · Touchbase.Ai

Published 2020-11-11 · Updated 2020-11-17 · CVE-2020-26221

CVSS v3.1: 8.0 (High)

Vector: AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

touchbase.ai versions prior to 2.0

Description

The issue allows an attacker to send malicious JavaScript code, which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser actions.

Recommendations

For versions prior to 2.0, update to version 2.0 to resolve the issue. As a temporary workaround, consider restricting access to sensitive user data and implementing additional security measures to prevent malicious JavaScript code execution.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2020-26221
GHSA-JC3V-H36H-6MX3

Affected Products

Touchbase.Ai