XSS Injection Vulnerability in iMaster NCE-Fabric V100R019C10

XSS Injection Vulnerability in iMaster NCE-Fabric V100R019C10

CVE-2021-22410 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client.

Learn more about our Web Application Penetration Testing UK.