Lucene search
PRIOn knowledge basePRION:CVE-2021-21445HistoryJan 12, 2021 - 3:15 p.m.
Cross site scripting
2021-01-1215:15:00
PRIOn knowledge base
www.prio-n.com
5
SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking.
| CPE | Name | Operator | Version |
|---|---|---|---|
| commerce_cloud | eq | 1808 | |
| commerce_cloud | eq | 1811 | |
| commerce_cloud | eq | 1905 | |
| commerce_cloud | eq | 2005 | |
| commerce_cloud | eq | 2011 |
Related
nvd
nvd
CVE-2021-21445
2021-01-12 15:15:14
cvelist
cvelist
CVE-2021-21445
2021-01-12 14:42:03
cve
cve
CVE-2021-21445
2021-01-12 15:15:14