CVE-2021-35061

Name of the Vulnerable Software and Affected Versions: DRK Odenwaldkreis Testerfassung version March-2021

Description: The issue allows remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields in all components. This can be exploited by sending malicious input to the affected system, potentially leading to unauthorized actions or data exposure.

Recommendations: For DRK Odenwaldkreis Testerfassung version March-2021, as a temporary workaround, consider restricting access to HTML form fields to minimize the risk of exploitation. Avoid using parameters that allow arbitrary input in the affected components until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.