Vulnerability Description
Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opmantek | Open-Audit | <= 4.2.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/165502/Open-AudIT-Community-4.2.0-Cross-Sit (Exploit, Third Party Advisory, VDB Entry)
- https://community.opmantek.com/display/OA/Errata+-+4.2.0+and+earlier+Javascript+ (Mitigation, Patch, Vendor Advisory)
- https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v4.3.0 (Release Notes, Vendor Advisory)
- https://github.com/Opmantek/open-audit/commit/e37b64bbd0219f03cb71cc1cd5bb010166 (Patch, Third Party Advisory)
FAQ
What is CVE-2021-44916?
CVE-2021-44916 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be exec...
How severe is CVE-2021-44916?
CVE-2021-44916 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2021-44916?
Check the references section above for vendor advisories and patch information. Affected products include: Opmantek Open-Audit.