CVE-2021-3150

CVE-2021-3150 is a cross-site scripting (XSS) vulnerability in Cryptshare Server prior to 4.8.0 on the Delete Personal Data page, exploitable via the user name. Multiple sources confirm the issue and indicate the fix is to upgrade to 4.8.1 . The NVD and Red Hat entries describe the same flaw and ...

CVE-2021-42564

CVE-2021-42564 affects Cryptshare (Web App component) prior to 5.1.0. An HTML injection in the confidentiality workflow allows an attacker with permission to provide confidential messages to trigger an open redirect by injecting a in the editor parameter, causing recipients to be redirected to a...