Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-34821
HistoryJul 19, 2021 - 5:21 p.m.

CVE-2021-34821

2021-07-1917:21:28
mitre
www.cve.org
4
cross site scripting
aat novus management system
http 404 error handling
remote attacker
unauthenticated
malicious http requests
html document.

EPSS

0.002

Percentile

51.6%

JSON

Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags.

Related

prion 1
cnvd 1
nvd 1
cve 1
prion
prion
Cross site scripting
2021-07-19 18:15:00
cnvd
cnvd
Novus Management System Cross-Site Scripting Vulnerability
2021-07-21 00:00:00
nvd
nvd
CVE-2021-34821
2021-07-19 18:15:08
cve
cve
CVE-2021-34821
2021-07-19 18:15:08

EPSS

0.002

Percentile

51.6%

JSON
Related for CVELIST:CVE-2021-34821
prion1cnvd1nvd1cve1