Security Advisory

CVE-2021-37211

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-09 09:15:25

Last updated 2024-09-16 22:30:28

Assigner twcert

State PUBLISHED

Description

The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general user’s credential to inject JavaScript and execute stored XSS attacks.

← Browse all CVEs View on cve.org ↗