Skip to main content

101Eip

2 CVEs product

Monthly

CVE-2021-32540 MEDIUM This Month

Add announcement function in the 101EIP system does not filter special characters, which allows authenticated users to inject JavaScript and perform a stored XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 101Eip
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-32539 MEDIUM This Month

Add event in calendar function in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 101Eip
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 5.4
MEDIUM This Month

Add announcement function in the 101EIP system does not filter special characters, which allows authenticated users to inject JavaScript and perform a stored XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 101Eip
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Add event in calendar function in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 101Eip
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy