3 matches found
CVE-2021-38157
creationtimestamp| type| source ---|---|--- 2021-08-07 00:33:15+00:00| seen| https://t.me/cibsecurity/26963...
CVE-2021-38157
LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-38157
The CVE-2021-38157 entry concerns LeoStream Connection Broker 9.x prior to 9.0.34.3, which is vulnerable to unauthenticated reflected XSS via the /index.pl endpoint using the user parameter. The root cause is improper handling/validation of user-supplied input on that endpoint, enabling an attack...