CVE-2023-30057

Name of the Vulnerable Software and Affected Versions FICO Origination Manager Decision Module version 4.8.1

Description The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload, due to multiple stored cross-site scripting (XSS) vulnerabilities. This enables attackers to potentially manipulate the web application's behavior.

Recommendations For FICO Origination Manager Decision Module version 4.8.1, consider implementing input validation and sanitization to prevent the execution of malicious scripts. As a temporary workaround, restrict access to sensitive areas of the application where user input is processed until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.