CVE-2021-38695

Name of the Vulnerable Software and Affected Versions SoftVibe SARABAN for INFOMA version 1.1

Description The issue allows users to store scripts in certain fields, such as subject and description, of the document form, enabling stored cross-site scripting (XSS).

Recommendations For SoftVibe SARABAN for INFOMA version 1.1, consider disabling the ability to input scripts in the subject and description fields of the document form until a patch is available. Restrict access to these fields to minimize the risk of exploitation. Avoid using these fields in the affected document form until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.