CVE-2021-42856
Reflected Cross-site Scripting at DsaDataTest
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.7EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
09 mar 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack. It was noted that the Metric parameter does not have any input checks on the user input that allows an attacker to craft its own malicious payload to trigger a XSS vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Produtos afetados
Aternity · SteelCentral AppInternals Dynamic Sampling AgentQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →