A high-severity Cross-site Scripting (XSS) vulnerability has been identified in multiple Verisay Communication products. This flaw allows an attacker to inject malicious code into web pages, which then executes in the browsers of unsuspecting users, potentially leading to session hijacking, data theft, or unauthorized actions performed on behalf of the user. Organizations are urged to apply vendor-supplied security patches immediately to mitigate the risk of compromise.

The vulnerability is an Improper Neutralization of Input During Web Page Generation, commonly known as Cross-site Scripting (XSS). An attacker can exploit this by crafting a special link or submitting a form containing malicious scripts (e.g., JavaScript). When a victim clicks the link or views the page with the malicious content, the script executes within the context of their browser session. This allows the attacker to bypass same-origin policy controls and access sensitive information like session cookies and credentials, or to manipulate the web page content and functionality.

This vulnerability is rated as High severity with a CVSS score of 7.6. Successful exploitation could have significant business impacts, including the compromise of user accounts, theft of sensitive personal or financial data, and unauthorized access to application functions. This can lead to reputational damage, loss of customer trust, and potential regulatory fines. An attacker could also use this vulnerability to deface the web application or pivot to launch further attacks against users and the organization.

Immediate Action: The primary remediation is to apply the security updates provided by Verisay Communication to all affected products immediately. After patching, it is crucial to review web server and application access logs for any signs of prior exploitation attempts.

Proactive Monitoring: Security teams should actively monitor web server logs for suspicious requests containing common XSS payloads, such as HTML tags (<script>, <img>), event handlers (onerror, onload), or encoded script characters. Implement alerting for unusual patterns in user-input fields or URL parameters that may indicate an exploitation attempt.

Compensating Controls: If immediate patching is not feasible, organizations should implement a Web Application Firewall (WAF) with rules specifically designed to detect and block XSS attack patterns. Additionally, enforcing a strict Content Security Policy (CSP) can serve as a strong mitigating control by restricting the sources from which scripts can be executed.

Public Exploit Available: false

Given the high CVSS score of 7.6, this vulnerability poses a significant risk to the organization. While it is not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog, its severity warrants immediate attention. We strongly recommend that all affected Verisay Communication products are identified and patched on a priority basis to prevent potential account compromise and data theft. If patching is delayed, compensating controls such as a WAF should be implemented without delay.