CVE-2020-36924

Name of the Vulnerable Software and Affected Versions Sony BRAVIA Digital Signage version 1.7.8

Description A remote file inclusion issue allows attackers to inject arbitrary client-side scripts. This is achieved by manipulating the content material URL parameter and the input material type, which can lead to hijacked user sessions, cross-site scripting (XSS) execution, and modification of display content.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.