SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties.
sas environment manager 2.5
Writeup for CVE-2021-35475; Stored Cross-Site Scripting(XSS) on SAS® Environment Manager 2.5
CVE-2021-35475 Writeup for CVE-2021-35475 Stored Cross-Site Scripting(XSS) on SAS® Environment Manager 25 Writeup will be migrating here
Vulmon