Vulnerabilities > Johnsoncontrols > Exacqvision Enterprise Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2021-27658 Cross-site Scripting vulnerability in Johnsoncontrols Exacqvision Enterprise Manager 20.06.4.0/20.12
exacqVision Enterprise Manager 20.12 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
network
low complexity
johnsoncontrols CWE-79
5.4