CVE-2021-45092

Publication date

2021-12-16 03:07:32

Family

mitre

State

PUBLISHED

Description

Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter.