Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.CreditsP. ChistèA. FalbM. SelingerM. SuchyP. OberndorferP. MaluendaD. SaglM. Narbeshuber-SpletzerJ. SpringerP. RiedlC. HierzerM. PammerReferenceshttps://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/
