CHT Security Red Team Discovered a Vulnerability in the MCU System of a Well-Known ‎Video Conferencing Software

Summary

Vulnerability List

  1. [CVE-2021-32536] Cross Site Scripting

 


Details

1. Cross Site Scripting

Description

A reflected cross-site scripting (XSS) vulnerability was found in the MCU system 5.5. Arbitrary web scripts would be injected via HTTP-GET.

Impact

It will affect the users of the MCU system. Browsers might be manipulated if a malicious URL has been clicked.

Version

V5.5

Credits

* Lai, Yu-Jen (CHT Security)