VYPR
Medium severity5.4NVD Advisory· Published Aug 9, 2021· Updated Jun 17, 2026

CVE-2021-37211

CVE-2021-37211

Description

The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general user’s credential to inject JavaScript and execute stored XSS attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Flygo/Flygollm-fuzzy
  • Larvata Digital Technology Co. Ltd./FLYGOv5
    Range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.