Lucene search
INCIBECVELIST:CVE-2021-4046HistoryFeb 11, 2022 - 5:40 p.m.
CVE-2021-4046 TCMAN GIM Cross-Site Scripting (XSS)
2022-02-1117:40:06
CWE-79
INCIBE
www.cve.org
3
cve-2021-4046
cross-site scripting
browser hijacking
sensitive data theft
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
22.7%
The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "GIM",
"vendor": "TCMAN",
"versions": [
{
"status": "affected",
"version": "8.01"
}
]
}
]Related
prion
prion
Cross site scripting
2022-02-11 18:15:00
cve
cve
CVE-2021-4046
2022-02-11 18:15:10
nvd
nvd
CVE-2021-4046
2022-02-11 18:15:10
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
22.7%
Related for CVELIST:CVE-2021-4046