CVE-2021-45228
An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the task description. This is later executed when it is reflected back to the user.
Date published : 2022-04-14
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-031.txt