Reflected XSS Vulnerability in MCUsystem Login Page

Reflected XSS Vulnerability in MCUsystem Login Page

CVE-2021-32536 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without privilege and thus perform reflected XSS attacks.

Learn more about our Web Application Penetration Testing UK.