5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.7%
The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general user’s credential to inject JavaScript and execute stored XSS attacks.
www.twcert.org.tw/tw/cp-132-4988-8f642-1.html