CVE-2021-35059

CVE-2021-35059

EPSS 0.6%

OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enroll action parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gist.github.com/exviry/560fededd1e44b7cced483d8ca8c362e https://www.openwaygroup.com/way4-platform