CVE-2020-8951

MEDIUM

Fiserv Accurate Reconciliation 2.19.0 - Stored Cross-Site Scripting via Configuration Parameter Translation Fields

Title source: llm
STIX 2.1

Description

Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the Source or Destination field of the Configuration Manager (Configuration Parameter Translation) page.

References (1)

Core 1
Core References

Scores

CVSS v3 5.4
EPSS 0.0064
EPSS Percentile 46.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
fiserv/accurate_reconciliation 2.19.0
Published Feb 26, 2020
Tracked Since Feb 18, 2026