What the vulnerability does

01Description

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL.

Key dates

02Disclosure timeline

September 23, 2021 CVE published
August 3, 2024 Record updated