CVE-2021-27526

Name of the Vulnerable Software and Affected Versions DynPG version 4.9.2

Description A cross-site scripting (XSS) issue allows remote attackers to inject JavaScript via the page parameter. This enables attackers to execute malicious scripts on the victim's browser.

Recommendations For DynPG version 4.9.2, consider restricting access to the page parameter to minimize the risk of exploitation until a patch is available. Avoid using the page parameter in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.