CVE-2021-31589

Sažetak

A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization.

Reference

https://www.beyondtrust.com/docs/release-notes/index.htm
https://cxsecurity.com/issue/WLB-2022010013
http://packetstormsecurity.com/files/165408/BeyondTrust-Remote-Support-6.0-Cross-Site-Scripting.html

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

07-02-2022 - 18:59

Objavljeno

05-01-2022 - 12:15