Lucene search

K
osvGoogleOSV:CVE-2021-38704
HistorySep 07, 2021 - 8:15 p.m.

CVE-2021-38704

2021-09-0720:15:07
Google
osv.dev

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.4%

Multiple reflected cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft.

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.4%