CVE-2021-42335

Summary

Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack.

Affected Software

VendorProductVersion RangeStatus
Huachu Digital Technology Co.,Ltd.Easytest1705affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References