CVE-2021-32544 : Special characters of IGT search function in igt+ ...


Vulnerability Details: CVE-2021-32544

Special characters of IGT search function in igt+ are not filtered in specific fields, which allows remote authenticated attackers to inject malicious JavaScript and carry out DOM-based XSS (cross-site scripting) attacks.

Publish Date: 2021-05-11
Last Update Date: 2021-05-14

CVSS Scores & Vulnerability Types

CVSS Score: 3.5
Confidentiality Impact: None (There is no impact to the confidentiality of the system.)
Integrity Impact: Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact: None (There is no impact to the availability of the system.)
Access Complexity: Medium (The access conditions are somewhat specialized. Some preconditions must be satisfied to exploit)
Authentication: ???
Gained Access: None
Vulnerability Type(s): Cross Site Scripting
CWE ID: 79

Products Affected By CVE-2021-32544

#  Product Type  Vendor       Product  Version  Update  Edition  Language
1  Application   Igt\Project  Igt\     -        *       *        *

Number Of Affected Versions By Product

Vendor       Product  Vulnerable Versions
Igt\Project  Igt\     1

References For CVE-2021-32544

https://www.twcert.org.tw/tw/cp-132-4719-e298a-1.html (CONFIRM, N/A)

Metasploit Modules Related To CVE-2021-32544

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)


