Lucene search
China National Vulnerability DatabaseCNVD-2021-70110HistorySep 09, 2021 - 12:00 a.m.
ClinicCases Cross-Site Scripting Vulnerability
2021-09-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.002 Low
EPSS
Percentile
51.4%
ClinicCases is an open source case management system designed for law school clinics.A cross-site scripting vulnerability exists in ClinicCases version 7.3.3, which stems from the software’s lack of effective validation and filtering of user-submitted parameters. The vulnerability allows an unauthenticated attacker to introduce arbitrary JavaScript by crafting a malicious URL. An attacker can take over an account through session token theft.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cliniccases cliniccases | eq | 7.3.3 |
Related
cve
cve
CVE-2021-38704
2021-09-07 20:15:07
nvd
nvd
CVE-2021-38704
2021-09-07 20:15:07
nuclei
nuclei
ClinicCases 7.3.3 Cross-Site Scripting
2021-11-02 17:46:22
cvelist
cvelist
CVE-2021-38704
2021-09-07 19:21:49
prion
prion
Cross site scripting
2021-09-07 20:15:00
osv
osv
CVE-2021-38704
2021-09-07 20:15:07
githubexploit
githubexploit
Exploit for Cross-site Scripting in Cliniccases
2021-09-03 20:41:58