CVEdetails.com the ultimate security vulnerability data source
Security Vulnerabilities (CVSS score between 3 and 3.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2021-21630 79 XSS 2021-03-30 2021-04-02
3.5
None Remote Medium ??? None Partial None
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
302 CVE-2021-21628 79 XSS 2021-03-30 2021-04-02
3.5
None Remote Medium ??? None Partial None
Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
303 CVE-2021-21622 79 XSS 2021-02-24 2021-02-27
3.5
None Remote Medium ??? None Partial None
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
304 CVE-2021-21619 79 XSS 2021-02-24 2021-02-27
3.5
None Remote Medium ??? None Partial None
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins.
305 CVE-2021-21618 79 XSS 2021-02-24 2021-02-27
3.5
None Remote Medium ??? None Partial None
Jenkins Repository Connector Plugin 2.0.2 and earlier does not escape parameter names and descriptions for past builds, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
306 CVE-2021-21616 79 XSS 2021-02-24 2021-02-27
3.5
None Remote Medium ??? None Partial None
Jenkins Active Choices Plugin 2.5.2 and earlier does not escape reference parameter values, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
307 CVE-2021-21615 367 2021-01-26 2021-02-02
3.5
None Remote Medium ??? Partial None None
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.
308 CVE-2021-21611 79 XSS 2021-01-13 2021-01-15
3.5
None Remote Medium ??? None Partial None
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to specify display names or IDs of item types.
309 CVE-2021-21608 79 XSS 2021-01-13 2021-01-15
3.5
None Remote Medium ??? None Partial None
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to control button labels.
310 CVE-2021-21603 79 XSS 2021-01-13 2021-01-15
3.5
None Remote Medium ??? None Partial None
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape notification bar response contents, resulting in a cross-site scripting (XSS) vulnerability.
311 CVE-2021-21543 79 Exec Code XSS 2021-04-30 2021-05-10
3.5
None Remote Medium ??? None Partial None
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected parameters. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.
312 CVE-2021-21542 79 Exec Code XSS 2021-04-30 2021-05-10
3.5
None Remote Medium ??? None Partial None
Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generating a certificate. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.
313 CVE-2021-21515 79 XSS 2021-03-01 2021-03-08
3.5
None Remote Medium ??? None Partial None
Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests to the server.
314 CVE-2021-21512 200 +Info 2021-02-19 2021-02-25
3.6
None Local Low Not required Partial Partial None
Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account.
315 CVE-2021-21494 79 XSS 2021-01-04 2021-01-07
3.5
None Remote Medium ??? None Partial None
MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can leverage this to read the centralmka2 (session token) cookie, which is not set to HTTPOnly.
316 CVE-2021-21470 611 2021-01-12 2021-01-14
3.6
None Local Low Not required None Partial Partial
SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in for SAP Analysis Office, version - 2.8, allows an authenticated attacker with user privileges to parse malicious XML files which could result in XXE-based attacks in applications that accept attacker-controlled XML configuration files. This occurs as logging service does not disable XML external entities when parsing configuration files and a successful exploit would result in limited impact on integrity and availability of the application.
317 CVE-2021-21447 79 XSS 2021-01-12 2021-03-04
3.5
None Remote Medium ??? None Partial None
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject a malicious JavaScript payload into the custom value input field of an Input Control, which can be executed by a user who views the relevant application content, leading to Stored Cross-Site Scripting.
318 CVE-2021-21445 444 XSS 2021-01-12 2021-03-04
3.5
None Remote Medium ??? None Partial None
SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking.
319 CVE-2021-21434 79 Exec Code XSS 2021-02-08 2021-02-09
3.5
None Remote Medium ??? None Partial None
Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e. another agent who wants to make changes in the survey). This issue affects: OTRS AG Survey 6.0.x version 6.0.20 and prior versions; 7.0.x version 7.0.19 and prior versions.
320 CVE-2021-21432 863 2021-04-09 2021-04-19
3.5
None Remote Medium ??? Partial None None
Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets utilizing the injected credentials within the `~/.netrc` file. Refer to the referenced GitHub Security Advisory for complete details. This is fixed in version 0.7.5.
321 CVE-2021-21418 79 XSS 2021-03-31 2021-04-06
3.5
None Remote Medium ??? None Partial None
ps_emailsubscription is a newsletter subscription module for the PrestaShop platform. An employee can inject JavaScript in the newsletter condition field that will then be executed on the front office. The issue has been fixed in 2.6.1.
322 CVE-2021-21416 209 2021-04-01 2021-04-06
3.5
None Remote Medium ??? Partial None None
django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration prior to 3.1.2, the base user-account registration view did not properly apply filters to sensitive data, with the result that sensitive data could be included in error reports rather than removed automatically by Django. Triggering this requires: A site is using django-registration < 3.1.2, The site has detailed error reports (such as Django's emailed error reports to site staff/developers) enabled and a server-side error (HTTP 5xx) occurs during an attempt by a user to register an account. Under these conditions, recipients of the detailed error report will see all submitted data from the account-registration attempt, which may include the user's proposed credentials (such as a password).
323 CVE-2021-21398 79 XSS 2021-03-30 2021-04-02
3.5
None Remote Medium ??? None Partial None
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fixed in 1.7.7.3
324 CVE-2021-21383 79 Exec Code XSS 2021-03-18 2021-03-24
3.5
None Remote Medium ??? None Partial None
Wiki.js is an open-source wiki app built on Node.js. Wiki.js before version 2.5.191 is vulnerable to stored cross-site scripting through mustache expressions in code blocks. This vulnerability exists due to mustache expressions being parsed by Vue during content injection even though they are contained within a `<pre>` element. By creating a crafted wiki page, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the page is viewed by other users. For an example see the referenced GitHub Security Advisory. Commit 5ffa189383dd716f12b56b8cae2ba0d075996cf1 fixes this vulnerability by adding the v-pre directive to all `<pre>` tags during the render.
325 CVE-2021-21379 281 2021-03-12 2021-03-22
3.5
None Remote Medium ??? None Partial None
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` macro executes the content with the rights of the wiki macro author instead of the caller of that wiki macro. This makes it possible to inject scripts through it, and they will be executed with the rights of the wiki macro author (very often a user who has Programming rights). Fortunately, no such macro exists by default in XWiki Standard, but one could have been created or installed with an extension. This vulnerability has been patched in XWiki versions 12.6.3, 11.10.11 and 12.8-rc-1. There is no easy workaround other than disabling the affected macros. Inserting content in a safe way or knowing which user called the wiki macro is not easy.
326 CVE-2021-21370 79 XSS 2021-03-23 2021-03-26
3.5
None Remote Medium ??? None Partial None
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.
327 CVE-2021-21361 532 2021-03-09 2021-03-16
3.3
None Local Network Low Not required Partial None None
The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in public CI/CD, this can lead to sensitive credentials being exposed to malicious actors. This is fixed in version 3.0.0.
328 CVE-2021-21358 79 XSS 2021-03-23 2021-03-26
3.5
None Remote Medium ??? None Partial None
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.
329 CVE-2021-21340 79 XSS 2021-03-23 2021-03-26
3.5
None Remote Medium ??? None Partial None
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that database fields used as _descriptionColumn_ are vulnerable to cross-site scripting when their content gets previewed. A valid backend user account is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1 .
330 CVE-2021-21325 79 XSS 2021-03-08 2021-03-17
3.5
None Remote Medium ??? None Partial None
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, license tracking and software auditing. In GLPI before version 9.5.4, a new budget type can be defined by a user. This input is not correctly filtered, which results in a cross-site scripting attack. To exploit this endpoint the attacker needs to be authenticated. This is fixed in version 9.5.4.
331 CVE-2021-21314 79 XSS 2021-03-03 2021-03-09
3.5
None Remote Medium ??? None Partial None
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before version 9.5.4, there is an XSS vulnerability involving a logged in user while updating a ticket.
332 CVE-2021-21312 79 XSS 2021-03-03 2021-03-10
3.5
None Remote Medium ??? None Partial None
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before version 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or the /front/document.form.php endpoint): one of the form fields, "Web Link", is not properly sanitized, and a malicious user (who has document upload rights) can use it to deliver a JavaScript payload. For example, if the following payload is used: " accesskey="x" onclick="alert(1)" x=", the content will be saved within the database without any control. Then, once you return to the documents summary page, clicking on the "Web Link" of the newly created file will open a new empty tab, but on the initial tab the pop-up "1" will appear.
333 CVE-2021-21298 22 Dir. Trav. 2021-02-26 2021-03-10
3.5
None Remote Medium ??? Partial None None
Node-RED is a low-code programming tool for event-driven applications built using Node.js. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with `projects.read` permission is able to access any file via the Projects API. The issue has been patched in Node-RED 1.2.8. The vulnerability applies only to the Projects feature, which is not enabled by default in Node-RED. The primary workaround is not to give untrusted users read access to the Node-RED editor.
334 CVE-2021-21283 79 XSS 2021-01-26 2021-02-04
3.5
None Remote Medium ??? None Partial None
Flarum is an open source discussion platform for websites. The "Flarum Sticky" extension versions 0.1.0-beta.14 and 0.1.0-beta.15 has a cross-site scripting vulnerability. A change in release beta 14 of the Sticky extension caused the plain text content of the first post of a pinned discussion to be injected as HTML on the discussion list. The issue was discovered following an internal audit. Any HTML would be injected through the m.trust() helper. This resulted in an HTML injection where <script> tags would not be executed. However it was possible to run javascript from other HTML attributes, enabling a cross-site scripting (XSS) attack to be performed. Since the exploit only happens with the first post of a pinned discussion, an attacker would need the ability to pin their own discussion, or be able to edit a discussion that was previously pinned. On forums where all pinned posts are authored by your staff, you can be relatively certain the vulnerability has not been exploited. Forums where some user-created discussions were pinned can look at the first post edit date to find whether the vulnerability might have been exploited. Because Flarum doesn't store the post content history, you cannot be certain if a malicious edit was reverted. The fix will be available in version v0.1.0-beta.16 with Flarum beta 16. The fix has already been back-ported to Flarum beta 15 as version v0.1.0-beta.15.1 of the Sticky extension. Forum administrators can disable the Sticky extension until they are able to apply the update. The vulnerability cannot be exploited while the extension is disabled.
335 CVE-2021-21260 79 XSS CSRF 2021-01-22 2021-01-29
3.5
None Remote Medium ??? None Partial None
Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enable an attacker to take over the admin account through a payload that extracts a CSRF token and sends a request to change the password. It has been found that the Item description is reflected without sanitization in app/items_view.php, which enables the malicious scenario.
336 CVE-2021-21258 79 XSS 2021-03-02 2021-03-09
3.5
None Remote Medium ??? None Partial None
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed in version 9.5.4.
337 CVE-2021-21255 862 2021-03-02 2021-03-09
3.5
None Remote Medium ??? Partial None None
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4.
338 CVE-2021-21029 79 XSS 2021-02-11 2021-06-11
3.5
None Remote Medium ??? None Partial None
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation.
339 CVE-2021-21023 79 XSS 2021-02-11 2021-02-16
3.5
None Remote Medium ??? None Partial None
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation.
340 CVE-2021-20683 79 XSS 2021-03-26 2021-03-29
3.5
None Remote Medium ??? None Partial None
Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
341 CVE-2021-20681 79 XSS 2021-03-26 2021-03-29
3.5
None Remote Medium ??? None Partial None
Improper neutralization of JavaScript input in the page editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
342 CVE-2021-20677 DoS 2021-03-26 2021-04-02
3.5
None Remote Medium ??? None None Partial
UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.
343 CVE-2021-20673 79 XSS 2021-03-10 2021-03-17
3.5
None Remote Medium ??? None Partial None
Stored cross-site scripting vulnerability in Admin Page of GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
344 CVE-2021-20667 79 XSS 2021-03-10 2021-03-15
3.5
None Remote Medium ??? None Partial None
Stored cross-site scripting vulnerability due to inadequate CSP (Content Security Policy) configuration in GROWI versions v4.2.2 and earlier allows remote authenticated attackers to inject an arbitrary script via a specially crafted content.
345 CVE-2021-20654 79 XSS 2021-02-10 2021-02-16
3.5
None Remote Medium ??? None Partial None
Wekan, open source kanban board system, between version 3.12 and 4.11, is vulnerable to multiple stored cross-site scripting. This is named 'Fieldbleed' in the vendor's site.
346 CVE-2021-20635 307 2021-02-12 2021-02-18
3.3
None Local Network Low Not required Partial None None
Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.
347 CVE-2021-20559 79 XSS 2021-05-10 2021-05-14
3.5
None Remote Medium ??? None Partial None
IBM Control Desk 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199228.
348 CVE-2021-20550 79 XSS 2021-04-27 2021-05-03
3.5
None Remote Medium ??? None Partial None
IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199168.
349 CVE-2021-20549 79 XSS 2021-04-27 2021-05-03
3.5
None Remote Medium ??? None Partial None
IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199167.
350 CVE-2021-20528 79 XSS 2021-05-19 2021-05-25
3.5
None Remote Medium ??? None Partial None
IBM Control Center 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198761.