CVE-2021-32540

Add announcement function in the 101EIP system does not filter special characters, which allows authenticated users to inject JavaScript and perform a stored XSS attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt