Medium severity4.6NVD Advisory· Published May 7, 2021· Updated Jun 17, 2026
CVE-2021-30170
CVE-2021-30170
Description
Special characters of ERP POS customer profile page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2013.10
Patches
Vulnerability mechanics
References
1- www.twcert.org.tw/tw/cp-132-4707-9c87e-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.