CVE-2022-21145
Lansweeper 9.1.20.2 is affected by a stored XSS in WebUserActions.aspx (loginlayout action). Attack requires authentication and permissions to change loginlayout; an attacker can craft name/value to bypass sanitization and inject arbitrary JavaScript, which is then executed when users visit the l...