CVE-2021-42080
Reflected XSS vulnerability in OSNEXUS QuantaStor before 6.0.0.355
| CVE | CVE-2021-42080 | |||||||||||
| Title | Reflected XSS vulnerability in OSNEXUS QuantaStor before 6.0.0.355 | |||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| CVSS |
Base score:
6.5
(MEDIUM) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||||||||
| Date published | ||||||||||||
| Last modified | 10 Jul 2023 06:29 UTC |
Description
An attacker is able to launch a Reflected XSS attack using a crafted URL.
Solution(s)
Upgrade to the latest version of OSNEXUS QuantaStor.
JSON version.