3 matches found
CVE-2021-37216
creationtimestamp| type| source ---|---|--- 2021-08-02 16:27:25+00:00| seen| https://t.me/cibsecurity/26674 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-37216.yaml...
CVE-2021-37216
QSAN Storage Manager header page parameters does not filter special characters. Remote attackers can inject JavaScript without logging in and launch reflected XSS attacks to access and modify specific data...
CVE-2021-37216
QSAN Storage Manager prior to version 3.3.3 contains a reflected cross-site scripting (XSS) vulnerability in header page parameters that do not filter special characters. Remote attackers can inject JavaScript to access and modify data, potentially leading to session hijacking or other data expos...