2 matches found
CVE-2021-45224
An issue was discovered in COINS Construction Cloud 11.12. In several locations throughout the application, JavaScript code is passed as a URL parameter. Attackers can trivially alter this code to cause malicious behaviour. The application is therefore vulnerable to reflected XSS via malicious UR...
CVE-2021-45224
CVE-2021-45224 affects COINS Construction Cloud version 11.12, where JavaScript code passed in URL parameters can be altered to trigger reflected XSS. The issue is documented across multiple sources (NVD/Red Hat/CNVD/CVE list) as an in-application vulnerability enabling malicious behavior via man...