Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-1879
HistoryApr 02, 2021 - 7:15 p.m.

Cross site scripting

2021-04-0219:15:00
PRIOn knowledge base
www.prio-n.com
4

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.3%

JSON

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited…

Related

thn 6
apple 3
mmpc 1
mssecure 1
checkpoint_advisories 1
attackerkb 1
malwarebytes 2
cve 1
cisa_kev 1
threatpost 1
trellix 2
qualysblog 3
googleprojectzero 1
thn
thn
SolarWinds Hackers Target Think Tanks With New 'NativeZone' Backdoor
2021-05-28 11:24:00
Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild
2021-07-15 08:25:00
Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack
2021-03-27 06:07:00
apple
apple
About the security content of iOS 12.5.2
2021-03-26 00:00:00
About the security content of iOS 14.4.2 and iPadOS 14.4.2
2021-03-26 00:00:00
About the security content of watchOS 7.3.3
2021-03-26 00:00:00
mmpc
mmpc
New sophisticated email-based attack from NOBELIUM
2021-05-28 00:00:50
mssecure
mssecure
New sophisticated email-based attack from NOBELIUM
2021-05-28 00:00:50
checkpoint_advisories
checkpoint_advisories
Apple WebKit Use After Free (CVE-2021-1879)
2021-07-26 00:00:00
attackerkb
attackerkb
CVE-2021-1879
2021-04-02 00:00:00
malwarebytes
malwarebytes
SolarWinds attackers launch new campaign
2021-05-28 14:24:01
Update now! Apple patches another privilege escalation bug in iOS and iPadOS
2021-10-12 16:07:53
cve
cve
CVE-2021-1879
2021-04-02 19:15:00
cisa_kev
cisa_kev
Apple iOS, iPadOS, and watchOS Cross-Site Scripting (XSS) Vulnerability
2021-11-03 00:00:00
threatpost
threatpost
Safari Zero-Day Used in Malicious LinkedIn Campaign
2021-07-15 11:04:49
trellix
trellix
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
The Bug Report – April 2023 Edition
2023-05-03 00:00:00
qualysblog
qualysblog
Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices
2021-10-18 07:41:18
Protect your Devices from Pegasus Spyware using VMDR for Mobile Devices’ Proactive Approach
2021-07-23 16:31:38
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.3%

JSON
Related for PRION:CVE-2021-1879
thn6apple3mmpc1mssecure1checkpoint_advisories1attackerkb1malwarebytes2cve1cisa_kev1threatpost1trellix2qualysblog3googleprojectzero1