2 matches found
CVE-2021-33853
A Cross-Site Scripting XSS attack can cause arbitrary code javascript to run in a user’s browser while the browser is connected to a trusted website. As the vehicle for the attack, the application targets the users and not the application itself. Additionally, the XSS payload is executed when the...
CVE-2021-33853
CVE-2021-33853 affects X2CRM 8.0 from X2Engine USA, Inc. The Red Hat/ CNVD/ CNNVD and CVE records describe a cross-site scripting (XSS) vulnerability arising from insufficient input validation/filtering and output encoding, allowing arbitrary JavaScript to run in a user’s browser when the user na...