CVE-2020-28857

Name of the Vulnerable Software and Affected Versions OpenAsset Digital Asset Management (DAM) versions 12.0.19 and earlier

Description The issue arises from the software's failure to correctly sanitize user-supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks.

Recommendations For versions 12.0.19 and earlier, as a temporary workaround, consider restricting access to the affected endpoints and parameters until a patch is available. Avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.