Vulnerability Details CVE-2021-42335
Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.0%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2021-42335
-
cpe:2.3:a:huaju:easytest_online_learning_test_platform:1705