Vulnerability Description: Multiple XSS Stored Post-Auth
Software Version: VAM: Visual Access Manager - 4.15.0 > 4.29
NIST: https://nvd.nist.gov/vuln/detail/CVE-2019-19990
CVSv3: 5.4
Severity: Medium
Credits: Alessandro Bosco, Luca Di Giuseppe, Mattia Campanelli, Valerio Preti, Stefano Scipioni, Massimiliano Brolli.
Cross-site scripting Stored (XSS) vulnerability allows authenticated remote attackers to inject arbitrary web script or HTML into some HTTP/GET-POST parameter which reflect the user input stored on the system.