XSS Vulnerabilities in CALDERA by DrunkenShells
CVE-2021-42558

6.1MEDIUM

Key Information:

Vendor: Mitre
Status: Caldera
Vendor: CVE Published:; 12 January 2022

Badges

👾 Exploit Exists

What is CVE-2021-42558?

CALDERA version 2.8.1 is susceptible to multiple types of Cross-Site Scripting (XSS) vulnerabilities. These vulnerabilities can be exploited by both authenticated users and unauthenticated attackers to execute arbitrary JavaScript in a user's browser. The improper handling of input allows malicious scripts to be reflected, stored, or executed within the application, posing significant security risks. Proper validation and sanitization of user inputs are essential to mitigate these vulnerabilities in your environment.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/mitre/caldera/releases

x_refsource_MISC

https://github.com/DrunkenShells/Disclosures/tree/master/...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

🟡
Public PoC available
Jun 10, 2024
👾
Exploit known to exist
Jun 10, 2024
Vulnerability published
Jan 12, 2022
Vulnerability Reserved
Oct 18, 2021

JSON

Mitre