Published: 02/02/2021 Updated: 10/12/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Adobe Consulting Services Commons

ACS Commons version 4.9.2 (and previous versions) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. Exploitation of this issue requires user interaction in order to be successful.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe adobe consulting services commons

Microsoft emits more fixes for Exchange Server plus patches for remote-code exec holes in HTTP stack, Visual Studio

The Register • Thomas Claburn in San Francisco • 11 May 2021

Plus: Grab your updates for Adobe, SAP, Android, Intel

Patch Tuesday Microsoft's May Patch Tuesday brought a lighter-than-usual load of 55 fixes for 32 of the Windows giant's applications and services, which is about half what was served up in April. The Redmond-based firm's Office and Windows flagships house many of the identified vulnerabilities, alongside Internet Explorer, Visual Studio, Visual Studio Code, Skype, and other software. Among the 55 CVEs identified by Microsoft, four are rated critical, 50 are rated important, and one is rated mode...

CVE-2021-21043

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect