CVE-2020-27576

Name of the Vulnerable Software and Affected Versions: Maxum Rumpus versions 8.2.13 through 8.2.14

Description: The issue is related to cross-site scripting (XSS), specifically a stored XSS vulnerability. This occurs because the folder name in the web application is insufficiently validated, allowing users to create folders that can lead to XSS attacks.

Recommendations: For versions 8.2.13 and 8.2.14, consider validating user input for folder names to prevent stored XSS attacks. As a temporary workaround, restrict the ability of users to create folders in the web application until a proper validation mechanism is implemented.