Improper neutralization of special elements leaves the Eyes of Network Web application vulnerable to an iFrame injection attack, via the url parameter of /module/module_frame/index.php.
https://www.tenable.com/security/research/tra-2022-29
Source: MITRE
Published: 2022-08-15
Updated: 2022-08-16
Type: CWE-74