Title: Reflected Cross-Site Scripting in Gurock TestRail
CVE ID: CVE-2021-44263
CVSSv3 Base Score: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Advisory Release Date: 17-02-2022
Advisory URL: https://labs.integrity.pt/advisories/cve-2021-44263
Credits: Discovery by Marco Vieira <msv[at]integrity.pt>
TestRail fails to sanitize an input before rendering the dashboard leading to a reflected XSS.