Lucene search
MitreCVELIST:CVE-2021-40906HistoryMar 25, 2022 - 10:20 p.m.
CVE-2021-40906
2022-03-2522:20:04
mitre
www.cve.org
2
0.001 Low
EPSS
Percentile
29.2%
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication.
Related
nvd
nvd
CVE-2021-40906
2022-03-25 23:15:08
prion
prion
Authentication flaw
2022-03-25 23:15:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Tribe29 Checkmk
2021-10-12 09:30:38
cve
cve
CVE-2021-40906
2022-03-25 23:15:08
osv
osv
CVE-2021-40906
2022-03-25 23:15:08
check-mk vulnerabilities
2022-07-20 08:36:48
check-mk vulnerabilities
2022-07-20 10:26:46
openvas
openvas
Checkmk < 1.6.0p26 XSS Vulnerability
2022-03-29 00:00:00
Ubuntu: Security Advisory (USN-5527-2)
2023-01-27 00:00:00
Ubuntu: Security Advisory (USN-5527-1)
2022-07-21 00:00:00
ubuntucve
ubuntucve
CVE-2021-40906
2022-03-25 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : Checkmk vulnerabilities (USN-5527-1)
2022-07-20 00:00:00
ubuntu
ubuntu
Checkmk vulnerabilities
2022-07-20 00:00:00
Checkmk vulnerabilities
2022-07-20 00:00:00