CVE-2021-31862 SysAid 20474 allows reflected XSS via the KeepAlivejsp parameter, without authentication Timeline Discovered: April 28, 2021 Initial Vendor Contact: April 28, 2021 Reported: April 28, 2021 CVE ID issued: April 28, 2021 Secondary Vendor Contact: (Vendor did not reply to initial contact): May 28, 2021 Public Release: October 29, 2021 Affected Versions: 20474