PT-2024-13251 · Veridium · Veridiumid

Lim Jing Qiang · Published 2024-04-03 · Updated 2024-04-03 · CVE-2023-45552

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

VeridiumID versions prior to 3.5.0

Description

A stored cross-site scripting issue has been found in the admin portal of the affected software. This allows an authenticated attacker to potentially take over all accounts by sending malicious input via the self-service portal.

Recommendations

For versions prior to 3.5.0, update to version 3.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin portal and self-service portal to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-45552

Affected Products

Veridiumid