Cross-Site Scripting Vulnerability in IBM OPENBMC OP910
CVE-2021-38961
6.1MEDIUM
Summary
IBM OPENBMC OP910 is susceptible to cross-site scripting, enabling attackers to inject malicious JavaScript into the web interface. This flaw may allow unauthorized manipulation of functionality, jeopardizing sensitive user credentials within a trusted session. To mitigate risks, it is crucial for users to remain vigilant about potential exploitation and apply necessary patches as soon as they are available.
Affected Version(s)
OPENBMC OP910
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved