TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
tao_assessment_platform | eq | 3.3.0 rc2 |