A CVSS score 6.6 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H) severity vulnerability discovered by ‘Lucas Leong (@_wmliang_)’ was reported to the affected vendor on: 2018-11-28, 36 days ago. The vendor is given until 2019-03-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.