CVE-2021-42534 : Exploit Details and Defense Strategies

Trane Building Automation Controllers Cross-site Scripting vulnerability in Tracer SC version 3.8 and prior allows code injection in input forms. The vulnerability was reported by Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro to CISA. Published on: 2021-10-19 CVSS Base Score: 6.3 (Medium)