Arbitrary Code Execution via Cross Site Scripting (XSS) in EasyVista Service Manager 2018.1.181.1

Arbitrary Code Execution via Cross Site Scripting (XSS) in EasyVista Service Manager 2018.1.181.1

CVE-2021-33231 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in New equipment page in EasyVista Service Manager 2018.1.181.1 allows remote attackers to run arbitrary code via the notes field.

Learn more about our Web Application Penetration Testing UK.