CVE-2021-32544

CVE-2021-32544. Learn more at National Vulnerability Database (NVD). • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings ... Gotofor: CVSSScoresCPEInfo      CVEList▾ CVEListSearch SearchTips CVERequestWebForm WebFormHelp PGPKey CVEListDocuments&Guidance TermsofUse        CNAs▾ CVENumberingAuthorities(CNAs) ParticipatingCNAs CNADocuments,Policies&Guidance CNARules,Version3.0 NewCNAOnboarding Slides&Videos HowtoBecomeaCNA         WGs▾ CVEWorkingGroups Automation(AWG) CNACoordination(CNACWG) OutreachandCommunications(OCWG) CVEQuality(QWG) StrategicPlanning(SPWG) Transition(TWG)         Board▾ CVEBoard Members EmailArchives MeetingArchives BoardCharter         About▾ AboutCVE ProfessionalCodeofConduct CVE&NVDRelationship History Sponsor Documentation&Guidance FAQs Terminology       News&Blog▾ LatestCVENews Blog Podcast Calendar Archive FollowCVE FreeCVENewsletter CVEnewTwitterFeed CVEannounceTwitterFeed CVEonMedium CVEonLinkedIn CVEProjectonGitHub CVEonYouTube      SearchCVEList      Downloads      DataFeeds      UpdateaCVERecord      RequestCVEIDs      TOTALCVERecords: 177447 NOTICE:Transitiontotheall-newCVEwebsiteatWWW.CVE.ORGisunderwayandwilllastuptooneyear.(details) NOTICE:ChangescomingtoCVERecordFormatJSONandCVEListContentDownloadsin2022. Home>CVE>CVE-2021-32544    CVE-ID CVE-2021-32544 LearnmoreatNationalVulnerabilityDatabase(NVD) •CVSSSeverityRating•FixInformation•VulnerableSoftwareVersions•SCAPMappings•CPEInformation Description SpecialcharactersofIGTsearchfunctioninigt+arenotfilteredinspecificfields,whichallowremoteauthenticatedattackerscaninjectmaliciousJavaScriptandcarryoutDOM-basedXSS(Cross-sitescripting)attacks. References Note:Referencesareprovidedfortheconvenienceofthereadertohelpdistinguishbetweenvulnerabilities.Thelistisnotintendedtobecomplete. MISC:https://www.twcert.org.tw/tw/cp-132-4719-e298a-1.html URL:https://www.twcert.org.tw/tw/cp-132-4719-e298a-1.html AssigningCNA TWCERT/CC DateRecordCreated 20210510 Disclaimer:Therecordcreationdatemayreflectwhen theCVEIDwasallocatedorreserved,anddoesnot necessarilyindicatewhenthisvulnerabilitywas discovered,sharedwiththeaffectedvendor,publicly disclosed,orupdatedinCVE. Phase(Legacy) Assigned(20210510) Votes(Legacy) Comments(Legacy) Proposed(Legacy) N/A ThisisarecordontheCVEList,whichprovidescommonidentifiersforpubliclyknowncybersecurityvulnerabilities. SearchCVEUsingKeywords:   YoucanalsosearchbyreferenceusingtheCVEReferenceMaps. ForMoreInformation:  CVERequestWebForm(select"Other"fromdropdown) Backtotop SiteMap| TermsofUse| PrivacyPolicy| ContactUs| FollowCVE        UseoftheCVE®Listandtheassociatedreferencesfromthiswebsitearesubjecttothetermsofuse. CVEissponsoredbytheU.S.DepartmentofHomelandSecurity(DHS)CybersecurityandInfrastructureSecurityAgency(CISA).Copyright©1999–2022,TheMITRE Corporation.CVEandtheCVElogoareregisteredtrademarksofTheMITRECorporation.