Cross site scripting

2021-05-0705:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

46.8%

JSON

A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter.

CPENameOperatorVersion
emissaryeq5.9.0

CPE	Name	Operator	Version
	emissary	eq	5.9.0

References

blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed

portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover

0.001 Low

EPSS

Percentile

46.8%

JSON

Related for PRION:CVE-2021-32092