Remote Code Execution Vulnerability in Cyclos 4 PRO 4.14.7 and Earlier
CVE-2021-31674 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant.
Learn more about our User Device Pen Test.