We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular privileges to insert JavaScript into specific parameters, resulting in a Reflected Cross-site Scripting (XSS) attack. The affected product is no longer maintained. It is recommended to upgrade to the new product.
Reserved 2024-10-15 | Published 2024-10-15 | Updated 2024-10-15 | Assigner twcertCWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
www.twcert.org.tw/tw/cp-132-8134-c476d-1.html
www.twcert.org.tw/en/cp-139-8135-ce1e6-2.html
Support options