CVE-2021-42534

Summary

The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.

Affected Software

VendorProductVersion RangeStatus
TraneTracer SCAll <= 3.8affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References