CVE-2021-32542

The parameters of the specific functions in the CTS Web trading system do not filter special characters, which allows unauthenticated attackers can remotely perform reflected XSS and obtain the users’ connection token that triggered the attack.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:sysjust:cts_web:*:*:*:*:*:*:*:*

Information

Published : 2021-05-28 01:15

Updated : 2022-06-03 10:31


NVD link : CVE-2021-32542

Mitre link : CVE-2021-32542


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

sysjust

  • cts_web