2 matches found
CVE-2021-3824
OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...
CVE-2021-3824
OpenVPN Access Server 2.9.0–2.9.4 is affected by a cross‑site scripting (XSS) vulnerability in the web login page URL, allowing remote attackers to inject arbitrary web script/HTML. Root cause: improper handling of characters in the login page URL. Impact: potential execution of malicious script ...