Notified:  June 26, 2019 Updated: March 27, 2020

Statement Date:   March 25, 2020

Status

Affected

Vendor Statement

This item has since been resolved in Lynx version 3.5.3. Special characters are prevented from being input from user forms. Form input values are being sanitized/escaped now to prevent this vulnerability if special characters are needed for input.

Vendor Information

To obtain the latest version, users should log into the Lynx customer portal at https://csp.poha.com/.

Vendor References

• https://csp.poha.com/