Lucene search
GoogleOSV:CVE-2021-40906HistoryMar 25, 2022 - 11:15 p.m.
CVE-2021-40906
2022-03-2523:15:08
Google
osv.dev
8
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication.
Related
nvd
nvd
CVE-2021-40906
2022-03-25 23:15:08
prion
prion
Authentication flaw
2022-03-25 23:15:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Tribe29 Checkmk
2021-10-12 09:30:38
cve
cve
CVE-2021-40906
2022-03-25 23:15:08
openvas
openvas
Checkmk < 1.6.0p26 XSS Vulnerability
2022-03-29 00:00:00
Ubuntu: Security Advisory (USN-5527-2)
2023-01-27 00:00:00
Ubuntu: Security Advisory (USN-5527-1)
2022-07-21 00:00:00
cvelist
cvelist
CVE-2021-40906
2022-03-25 22:20:04
ubuntucve
ubuntucve
CVE-2021-40906
2022-03-25 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : Checkmk vulnerabilities (USN-5527-1)
2022-07-20 00:00:00
ubuntu
ubuntu
Checkmk vulnerabilities
2022-07-20 00:00:00
Checkmk vulnerabilities
2022-07-20 00:00:00
osv
osv
check-mk vulnerabilities
2022-07-20 08:36:48
check-mk vulnerabilities
2022-07-20 10:26:46