Lucene search
IcscertCVELIST:CVE-2021-42535HistoryJul 27, 2022 - 8:21 p.m.
CVE-2021-42535 VISAM VBASE Editor Cross Site Scripting
2022-07-2720:21:04
icscert
www.cve.org
2
visam vbase editor
version 11.6.0.6
cross site scripting
neutralize user-controllable input
public-facing webpage
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
39.8%
VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.
CNA Affected
[
{
"product": "VBASE Pro-RT/ Server-RT (Web Remote)",
"vendor": "VISAM",
"versions": [
{
"status": "affected",
"version": "version 11.6.0.6"
}
]
}
]Related
cve
cve
CVE-2021-42535
2022-07-27 21:15:08
prion
prion
Input validation
2022-07-27 21:15:00
nvd
nvd
CVE-2021-42535
2022-07-27 21:15:08
ics
ics
VISAM VBASE Editor
2021-11-09 12:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
39.8%
Related for CVELIST:CVE-2021-42535