2 matches found
CVE-2021-32539
Add event in calendar function in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack...
CVE-2021-32539
The CVE-2021-32539 entry describes stored XSS in the 101EIP calendar add-event feature due to insufficient filtering of special characters in specific fields. Exploitation context is remote authenticated access; impact is the ability to inject JavaScript and trigger stored XSS after authenticatio...