Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-9691 - Vulnerability Database

Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-9691

Critical
Reference: CVE-2020-9691
Title: Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Magento versions 2.3.5-p1 and earlier and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.