CVE-2021-31558
DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “descr� of the script “DIAE_hierarchyHandler.ashx�.
Source: CVE-2021-31558