CVE-2020-21783

Name of the Vulnerable Software and Affected Versions: IBOS version 4.5.4

Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability is found in the email function, specifically in the emailbody[content] parameter. XSS is a type of attack where an attacker can inject malicious scripts into content from otherwise trusted websites.

Recommendations: For IBOS version 4.5.4, consider restricting the use of the email function until a patch is available, specifically avoiding the use of the emailbody[content] parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.