Filtered by vendor Hundredplus
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32540 | 1 Hundredplus | 1 101eip | 2024-11-21 | 5.4 Medium |
| Add announcement function in the 101EIP system does not filter special characters, which allows authenticated users to inject JavaScript and perform a stored XSS attack. | ||||
| CVE-2021-32539 | 1 Hundredplus | 1 101eip | 2024-11-21 | 5.4 Medium |
| Add event in calendar function in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack. | ||||
Page 1 of 1.