Security Advisory

CVE-2021-42329

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-15 12:10:29

Last updated 2024-09-17 00:00:29

Assigner twcert

State PUBLISHED

Description

The “List_Add” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. After logging in with user’s privilege, remote attackers can inject JavaScript and execute stored XSS attacks.

← Browse all CVEs View on cve.org ↗