Vulnerability Description
A vulnerability classified as problematic was found in ctrlo lenio. It affects an unknown function in the library lib/Lenio.pm of the Ticket Handler component. Manipulating the argument site_id leads to cross-site scripting. The attack can be launched remotely. The patch is named 7a1f90bd2a0ce95b8338ec0926902da975ec64d9, and applying it is recommended to fix this issue. VDB-216210 is the identifier assigned to this vulnerability.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ctrlo | Lenio | < 2021-02-09 |
Related Weaknesses (CWE)
References
- https://github.com/ctrlo/lenio/commit/7a1f90bd2a0ce95b8338ec0926902da975ec64d9 (Patch, Third Party Advisory)
- https://vuldb.com/?id.216210 (Permissions Required, Third Party Advisory)
FAQ
What is CVE-2021-4253?
CVE-2021-4253 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability, which was classified as problematic, was found in ctrlo lenio. Affected is an unknown function in the library lib/Lenio.pm of the component Ticket Handler. The manipulation of the arg...
How severe is CVE-2021-4253?
CVE-2021-4253 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2021-4253?
Check the references section above for vendor advisories and patch information. Affected products include: Ctrlo Lenio.