Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-46827
HistoryJul 13, 2022 - 5:15 a.m.

CVE-2021-46827

2022-07-1305:15:07
CWE-79
[email protected]
web.nvd.nist.gov
30
2
xss
oxygen xml webhelp
cve-2021-46827
vulnerability
javascript
nvd

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.3%

JSON

An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. An XSS vulnerability in search terms proposals (in online documentation generated using Oxygen XML WebHelp) allows attackers to execute JavaScript by convincing a user to type specific text in the WebHelp output search field.

Affected configurations

NVD
Node
syncoxygen_publishing_engineRange<22.1
OR
syncoxygen_publishing_engineMatch22.12020061014
OR
syncoxygen_publishing_engineMatch22.12020072823
OR
syncoxygen_publishing_engineMatch22.12020100801
OR
syncoxygen_publishing_engineMatch22.12020121711
OR
syncoxygen_publishing_engineMatch23.12021040717
OR
syncoxygen_publishing_engineMatch23.12021060401
OR
syncoxygen_xml_authorRange<22.1
OR
syncoxygen_xml_authorMatch22.12020061102
OR
syncoxygen_xml_authorMatch22.12020072902
OR
syncoxygen_xml_authorMatch22.12020100710
OR
syncoxygen_xml_authorMatch22.12020121713
OR
syncoxygen_xml_authorMatch23.12021030206
OR
syncoxygen_xml_authorMatch23.12021040908
OR
syncoxygen_xml_authorMatch23.12021061407
OR
syncoxygen_xml_developerRange<22.1
OR
syncoxygen_xml_developerMatch22.12020061102
OR
syncoxygen_xml_developerMatch22.12020072902
OR
syncoxygen_xml_developerMatch22.12020100710
OR
syncoxygen_xml_developerMatch22.12020121713
OR
syncoxygen_xml_developerMatch23.12021030206
OR
syncoxygen_xml_developerMatch23.12021040908
OR
syncoxygen_xml_developerMatch23.12021061407
OR
syncoxygen_xml_editorRange<22.1
OR
syncoxygen_xml_editorMatch22.12020061102
OR
syncoxygen_xml_editorMatch22.12020072902
OR
syncoxygen_xml_editorMatch22.12020100710
OR
syncoxygen_xml_editorMatch22.12020121713
OR
syncoxygen_xml_editorMatch23.12021030206
OR
syncoxygen_xml_editorMatch23.12021040908
OR
syncoxygen_xml_editorMatch23.12021061407
OR
syncoxygen_xml_webhelpRange<22.1
OR
syncoxygen_xml_webhelpMatch22.12020061014
OR
syncoxygen_xml_webhelpMatch22.12020072412
OR
syncoxygen_xml_webhelpMatch22.12020100208
OR
syncoxygen_xml_webhelpMatch22.12020121713
OR
syncoxygen_xml_webhelpMatch23.12021030210
OR
syncoxygen_xml_webhelpMatch23.12021040711
OR
syncoxygen_xml_webhelpMatch23.12021060306

Social References

More

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2021-46827
2022-07-13 04:55:13
nvd
nvd
CVE-2021-46827
2022-07-13 05:15:07
prion
prion
Cross site scripting
2022-07-13 05:15:00

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.3%

JSON
Related for CVE-2021-46827
cvelist1nvd1prion1