CVE-2021-42534

medium

Description

The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02

Details

Source: Mitre, NVD

Published: 2021-10-22

Updated: 2021-10-27

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N