Cross-Site Scripting Vulnerability in Vicidial by ViciDial Group
CVE-2021-46557

5.4MEDIUM

Key Information:

Vendor: Vicidial
Status: Vicidial
Vendor: CVE Published:; 15 February 2022

What is CVE-2021-46557?

Vicidial 2.14-783a is susceptible to a cross-site scripting (XSS) vulnerability that arises from insufficient input validation in several input tabs. This flaw allows attackers to inject malicious scripts, potentially compromising user sessions or manipulating client-side scripts executed within a user's browser. It emphasizes the need for robust input sanitization mechanisms to defend against such web-based threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/Zeyad-Azima/Vicidial-stored-XSS

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 15, 2022
Vulnerability Reserved
Jan 24, 2022

JSON

Vicidial

What is CVE-2021-46557?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.