CVE-2021-32544 | HackTesting

Special characters of IGT search function in igt+ are not filtered in specific fields, which allow remote authenticated attackers can inject malicious JavaScript and carry out DOM-based XSS (Cross-site scripting) attacks.

References

https://www.twcert.org.tw/tw/cp-132-4719-e298a-1.html