Details of CVE-2021-34540
1.Go to the main page of Webaccess, and Click the Dashboard Viewer Function.
Product Version:8.4.4
2.Inject the XSS payload on the username column, and click submit.
Column: username
Xss payload:' <a onclick="alert(1)">root</a> '
3.After that, We will get a error message page. Now Click the "root".
4.The Xss vulnerability is triggered.
- The Webaccess which version is 8.4.2 also has the xss vulnerability.







