RiyaLab CloudISO event item is added, special characters in specific field of time management page are not properly filtered, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2021-05-11T06:10:19.089254Z

Updated: 2024-09-16T20:22:31.132Z

Reserved: 2021-04-06T00:00:00

Link: CVE-2021-30174

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-05-11T06:15:06.860

Modified: 2021-05-17T20:30:30.490

Link: CVE-2021-30174

cve-icon Redhat

No data.