CVE-2021-3535 in Nexposeinformación

Resumen

por MITRE • 2021-06-16

Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting vulnerability affecting the Security Console's Filtered Asset Search feature. A specific search criterion and operator combination in Filtered Asset Search could have allowed a user to pass code through the provided search field. This issue affects version 6.6.80 and prior, and is fixed in 6.6.81. If your Security Console currently falls on or within this affected version range, ensure that you update your Security Console to the latest version.

Be aware that VulDB is the high quality source for vulnerability data.

Responsable

Rapid7, Inc.

Reservar

2021-05-05

Divulgación

2021-06-16

Moderación

aceptado

Artículo

VDB-177101

CPE

listo

EPSS

0.00581

KEV

no

Actividades

muy bajo

Fuentes

Might our Artificial Intelligence support you?

Check our Alexa App!