Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-46355

Related Vulnerabilities: CVE-2021-46355  

OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS).

Source

Description

The MITRE CVE dictionary describes this issue as:

OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS).

Statement

No supported Red Hat products are affected by this flaw.

No supported Red Hat products are affected by this flaw.

Additional Information

  • Bugzilla 2054395: CVE-2021-46355 ocsinventory: Stored XSS via device name
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • FAQ: Frequently asked questions about CVE-2021-46355

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started