3 matches found
CVE-2021-32541
CVE-2021-32541: A vulnerability in the CTS Web transaction system’s authentication and session management allows remote unauthenticated actors to flood with valid usernames and force logged-in users to log out, potentially denying access to services. The issue is tied to an incorrect implementati...
CVE-2021-32542
CVE-2021-32542 pertains to CTS Web trading system where the parameters of certain functions do not filter special characters, enabling unauthenticated attackers to perform reflected XSS and obtain the user’s connection token that triggered the attack. The affected component is the CTS Web trading...
CVE-2021-32543
The CVE-2021-32543 issue affects the CTS Web transaction system (authentication management) from Cascade Information Technology, Taiwan. The root cause is an incorrect authentication implementation that allows a post-login attacker to manipulate cookies, access other accounts, and trade in the st...