Cross-Site Scripting Vulnerability in Versa Networks Versa Director
CVE-2021-39285

6.1MEDIUM

Key Information:

Vendor

Versa-networks

Status
Versa Director
Vendor
CVE Published:
7 September 2021

What is CVE-2021-39285?

A Cross-Site Scripting (XSS) vulnerability has been identified in the Versa Director, specifically in Release 16.1R2 Build S8. This flaw allows an attacker to exploit the administration web interface by injecting malicious scripts through specially crafted URLs. When executed, these scripts can compromise the integrity of the web application and lead to unauthorized access or data exposure. Organizations using affected versions are advised to apply necessary security measures to safeguard against potential exploitation and mitigate risks associated with this vulnerability.

References

https://versa-networks.com
x_refsource_MISC
https://github.com/pbgt/CVEs/blob/main/CVE-2021-39285.md
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.