exploitDog

CVE-2021-3442

Опубликовано: 22 авг. 2022

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality.

Ссылки

https://access.redhat.com/security/cve/CVE-2021-3442
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1930083
Issue Tracking
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2021-3442
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1930083
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:openshift_api_management:2.9.1:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00212

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-20

CWE-20

Связанные уязвимости

CVE-2021-3442

CVSS3: 7.1

redhat

больше 4 лет назад

A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality.

GHSA-hgh9-g52q-6m7g

CVSS3: 5.4

github

больше 3 лет назад

A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality.

EPSS

Процентиль: 44%

0.00212

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-20

CWE-20