CVE-2020-27741

Name of the Vulnerable Software and Affected Versions Citadel WebCit versions prior to 926

Description Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. This issue was reported to the vendor in a publicly archived thread titled "Multiple Security Vulnerabilities in WebCit 926".

Recommendations For versions prior to 926, update to a version that fixes these vulnerabilities. As a temporary workaround, consider restricting access to multiple pages and parameters that are vulnerable to XSS attacks until a patch is available.