XSS Vulnerability in Power Admin PA Server Monitor
CVE-2021-26844

5.4MEDIUM

Key Information:

Vendor: Poweradmin
Status: Pa Server Monitor
Vendor: CVE Published:; 5 November 2021

What is CVE-2021-26844?

The identified cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor version 8.2.1.1 allows attackers to exploit the Console.exe component. By crafting malicious input, remote attackers can inject arbitrary web scripts or HTML, impacting the integrity and security of the application. This vulnerability underscores the need for robust input validation to mitigate potential risks associated with web-based administrative interfaces.

References

https://www.poweradmin.com/products/server-monitoring/sup...

x_refsource_MISC

https://pastebin.com/mrzVTPeV

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2021
Vulnerability Reserved
Feb 7, 2021

CVE-2021-26844 Data

JSON

Poweradmin

What is CVE-2021-26844?

References

CVSS V3.1

Timeline