CVE-2021-32536

Summary

The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without privilege and thus perform reflected XSS attacks.

Affected Software

VendorProductVersion RangeStatus
MCU TechnologiesMCUsystem5.5affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References