Back to search
CVE-2021-20785
Published: Jul 28, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Cross-site scripting vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to inject an arbitrary script by sending a specially crafted request to a specific URL.
| Vendor | Product | Versions |
|---|---|---|
Japan Total System Co.,Ltd. | GroupSession | affected GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0 |
References
https://groupsession.jp/info/info-news/security202107
x_refsource_MISC
https://jvn.jp/en/jp/JVN86026700/index.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now