Reflected Cross-Site Scripting Vulnerability in Micro Focus Verastream Host Integrator
CVE-2021-22522

7.1HIGH

Key Information:

Vendor: Microfocus
Status: Verastream Host Integrator.
Vendor: CVE Published:; 22 July 2021

What is CVE-2021-22522?

The reflected cross-site scripting vulnerability in Micro Focus Verastream Host Integrator allows attackers to inject malicious scripts into responses received by users. This could potentially expose sensitive information and lead to unauthorized data access. The vulnerability affects version 7.8 Update 1 and earlier, highlighting the importance of updating to prevent exploitation.

Affected Version(s)

Verastream Host Integrator. version 7.8 Update 1 and earlier versions.

References

https://support.microfocus.com/kb/doc.php?id=7025169

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2021
Vulnerability Reserved
Jan 5, 2021

Microfocus

What is CVE-2021-22522?

Affected Version(s)

References

CVSS V3.1

Timeline