CVE-2021-47858

Sažetak

Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page.

Reference

https://genexis.eu/product/platinum-series/
https://www.exploit-db.com/exploits/49709
https://www.vulncheck.com/advisories/genexis-platinum-p-a-startaddr-persistent-cross-site-scripting

CVSS

Base:	7.2
Impact:	2.7
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Zadnje važnije ažuriranje

26-01-2026 - 15:04

Objavljeno

21-01-2026 - 18:16