SimpleRisk common.js checkAndSetValidation cross site scripting
CVE-2021-4269

3.5LOW

Key Information:

Vendor: Unspecified
Status: Simplerisk
Vendor: CVE Published:; 21 December 2022

🔔 Create Unspecified Vulnerability Alert

What is CVE-2021-4269?

A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472.

Affected Version(s)

SimpleRisk

References

https://github.com/simplerisk/code/commit/591405b4ed160fb...

https://github.com/simplerisk/code/releases/tag/20220306-001

https://vuldb.com/?id.216472

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 21, 2022
Vulnerability Reserved
Dec 21, 2022