go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::

Date:
Font-stze:

MCU Technologies MCUsystem - Reflected XSS

TVN ID TVN-202106001
CVE ID CVE-2021-32536
CVSS 6.1 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products MCU Technologies MCUsystem version 5.5
Description The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without privilege and thus perform reflected XSS attacks.
Solution Contact tech support from MCU Technologies.
Credit andylai
Public Date 2021-06-18
Top