2 matches found
CVE-2021-29011
CVE-2021-29011 affects DMA Softlab Radius Manager 4.4.0 and is described as a Cross Site Scripting (XSS) vulnerability exploitable via the description, name, or address fields under admin.php. The connected documents corroborate an XSS issue with this version; CVSS metrics in the primary entry sh...
CVE-2021-29012
DMA Softlab Radius Manager 4.4.0 suffers a session-management flaw where the same admin session cookie is issued to all admin sessions. The cookie remains valid while logged in but is temporarily invalid when logged out, effectively acting as a static password and enabling permanent access if sto...