Title:Accela Civic Platform 跨站脚本漏洞 (CVE-2021-33904) Description:In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information.
Description
Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via the security/hostSignon.do parameter servProvCode.
1. It is advised to access via the original source first.2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →