Skip to main content
CVE-2021-41169 MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-40121 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-34789 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Tetration could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected system. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Tetration
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-34760 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Telepresence Management Suite
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-35228 MEDIUM This Month

This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

XSS Database Performance Analyzer
NVD
CVSS 3.1
4.7
EPSS
0.6%
CVE-2021-29883 MEDIUM PATCH This Month

IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Transformation Extender Advanced
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-42096 MEDIUM PATCH This Month

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Mailman Debian Linux
NVD
CVSS 3.1
4.3
EPSS
1.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy