Описание
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET. No authentication is required.
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET. No authentication is required.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-45422
- https://github.com/WlX-33/PoC-for-CVE/blob/main/CVE-2021-45422/RLM%2014.2%20Cross%20Site%20Scripting.txt
- https://seclists.org/fulldisclosure/2022/Jan/31
- https://www.getinfosec.news/13202933/reprise-license-manager-142-reflected-cross-site-scripting#
- http://reprise.com
Связанные уязвимости
CVSS3: 6.1
nvd
около 4 лет назад
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET. No authentication is required.