Overview :
Kaa IoT Platform version 1.2.0 suffers from a persistent cross site scripting vulnerability.
Affected Product(s) :
  • Kaa IoT Platform version 1.2.0
Vulnerability Details :
CVE ID : CVE-2020-26701
Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter.

Solution :

This vulnerability is currently awaiting analysis.