3 matches found
CVE-2021-42335
Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack...
CVE-2021-42335 Huachu Digital Technology Co.,Ltd. Easytest - Stored XSS
Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack...
CVE-2021-42335
The CVE concerns Easytest, an online learning platform’s bulletin board management function. The root cause is insufficient filtering of special characters, enabling stored XSS after an attacker gains user privileges. Reported impact includes the ability to inject JavaScript remotely, with the vu...