Filtered by vendor Hundredplus
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32540 | 1 Hundredplus | 1 101eip | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Add announcement function in the 101EIP system does not filter special characters, which allows authenticated users to inject JavaScript and perform a stored XSS attack. | |||||
| CVE-2021-32539 | 1 Hundredplus | 1 101eip | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Add event in calendar function in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack. | |||||