VYPR

Novus Management System

by AAT

CVEs (1)

  • CVE-2021-34821MedJul 19, 2021
    risk 0.40cvss 6.1epss 0.01

    Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs.…