Cross-Site Scripting Vulnerability in Opensis-Classic by OS4ED
CVE-2021-40542
6.1MEDIUM
What is CVE-2021-40542?
Opensis-Classic Version 8.0 has a vulnerability that allows unauthenticated attackers to exploit the link_url parameter in Ajax_url_encode.php. By injecting malicious JavaScript code, these attackers can manipulate user sessions and execute harmful scripts within the context of a user's browser, leading to potential data theft or session hijacking.
